
Example 6 with SimpleSign

use of ddf.security.samlp.SimpleSign in project ddf by codice.

the class LogoutRequestServiceTest method setup.

/**
 * Prepares a {@code MockLogoutRequestService} wired entirely to Mockito mocks, with one SAML
 * assertion (read by {@code readSamlAssertion()}) exposed as the "idp" security token.
 *
 * <p>{@code SimpleSign} is a mock here, so tests that rely on this fixture do not exercise real
 * signature creation or verification, and the IdP signing certificate is the placeholder text
 * {@code "signingCertificate"} rather than certificate material.
 */
@Before
public void setup() throws ParserConfigurationException, SAXException, IOException {
    // Collaborators handed to the service constructor.
    simpleSign = mock(SimpleSign.class);
    idpMetadata = mock(IdpMetadata.class);
    relayStates = mock(RelayStates.class);

    // Collaborators injected through setters or reached through the session.
    encryptionService = mock(EncryptionService.class);
    logoutMessage = mock(LogoutMessage.class);
    sessionFactory = mock(SessionFactory.class);
    request = mock(HttpServletRequest.class);
    session = mock(HttpSession.class);
    securityTokenHolder = mock(SecurityTokenHolder.class);

    // The token id is the assertion's own un-namespaced ID attribute.
    Element samlAssertion = readSamlAssertion().getDocumentElement();
    String tokenId = samlAssertion.getAttributeNodeNS(null, "ID").getNodeValue();
    SecurityToken idpToken = new SecurityToken(tokenId, samlAssertion, null);
    when(securityTokenHolder.getSecurityToken("idp")).thenReturn(idpToken);

    logoutRequestService = new MockLogoutRequestService(simpleSign, idpMetadata, relayStates);
    logoutRequestService.setEncryptionService(encryptionService);
    logoutRequestService.setLogOutPageTimeOut(LOGOUT_PAGE_TIMEOUT);
    logoutRequestService.setLogoutMessage(logoutMessage);
    logoutRequestService.setRequest(request);
    logoutRequestService.setSessionFactory(sessionFactory);
    // init() runs before the stubs below exist, so anything it reads from these mocks
    // sees Mockito defaults; the stubs are kept after it for that reason.
    logoutRequestService.init();

    // Session lookup: request -> session -> holder carrying the SAML assertion token.
    when(sessionFactory.getOrCreateSession(request)).thenReturn(session);
    when(session.getAttribute(eq(SecurityConstants.SAML_ASSERTION))).thenReturn(securityTokenHolder);
    when(request.getRequestURL()).thenReturn(new StringBuffer("www.url.com/url"));

    // IdP metadata: redirect binding for single logout.
    when(idpMetadata.getSigningCertificate()).thenReturn("signingCertificate");
    when(idpMetadata.getSingleLogoutBinding()).thenReturn(SamlProtocol.REDIRECT_BINDING);
    when(idpMetadata.getSingleLogoutLocation()).thenReturn(redirectLogoutUrl);

    // NOTE(review): JVM-wide property; nothing in this method restores the previous value,
    // so it stays set for later tests in the same JVM unless a teardown elsewhere clears it.
    System.setProperty("security.audit.roles", "none");
}
Also used : SessionFactory(ddf.security.http.SessionFactory) RelayStates(ddf.security.samlp.impl.RelayStates) LogoutMessage(ddf.security.samlp.LogoutMessage) HttpSession(javax.servlet.http.HttpSession) Element(org.w3c.dom.Element) Matchers.anyString(org.mockito.Matchers.anyString) HttpServletRequest(javax.servlet.http.HttpServletRequest) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) SimpleSign(ddf.security.samlp.SimpleSign) SecurityTokenHolder(ddf.security.common.SecurityTokenHolder) EncryptionService(ddf.security.encryption.EncryptionService) Before(org.junit.Before)

Example 7 with SimpleSign

use of ddf.security.samlp.SimpleSign in project ddf by codice.

the class IdpHandlerTest method setUp.

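/**
 * Builds an {@code IdpHandler} backed by a real {@code SimpleSign} / {@code SystemCrypto} pair
 * (only the {@code EncryptionService} is mocked) and loads the IdP metadata from the
 * {@code /IDPmetadata.xml} classpath resource.
 *
 * @throws IllegalStateException if the metadata resource is not on the classpath
 * @throws Exception if crypto initialisation or reading the resource fails
 */
@Before
public void setUp() throws Exception {
    encryptionService = mock(EncryptionService.class);
    systemCrypto = new SystemCrypto("encryption.properties", "signature.properties", encryptionService);
    simpleSign = new SimpleSign(systemCrypto);
    idpMetadata = new IdpMetadata();

    // Relay state round trip: any encoded value maps to RELAY_STATE_VAL, which decodes to LOCATION.
    relayStates = (RelayStates<String>) mock(RelayStates.class);
    when(relayStates.encode(anyString())).thenReturn(RELAY_STATE_VAL);
    when(relayStates.decode(RELAY_STATE_VAL)).thenReturn(LOCATION);

    httpRequest = mock(HttpServletRequest.class);
    when(httpRequest.getRequestURL()).thenReturn(new StringBuffer("https://localhost:8993"));
    when(httpRequest.getMethod()).thenReturn("GET");
    httpResponse = mock(HttpServletResponse.class);

    idpHandler = new IdpHandler(simpleSign, idpMetadata, relayStates);

    // getResourceAsStream returns null for a missing resource; fail with a clear message
    // instead of an NPE from inside the copy.
    InputStream metadataStream = this.getClass().getResourceAsStream("/IDPmetadata.xml");
    if (metadataStream == null) {
        throw new IllegalStateException("Test resource /IDPmetadata.xml not found on the classpath");
    }
    StringWriter writer = new StringWriter();
    try {
        IOUtils.copy(metadataStream, writer, "UTF-8");
    } finally {
        // The original never closed this stream; release it even when the copy throws.
        metadataStream.close();
    }
    metadata = writer.toString();
    idpMetadata.setMetadata(metadata);
}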
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) SimpleSign(ddf.security.samlp.SimpleSign) SystemCrypto(ddf.security.samlp.SystemCrypto) StringWriter(java.io.StringWriter) EncryptionService(ddf.security.encryption.EncryptionService) InputStream(java.io.InputStream) HttpServletResponse(javax.servlet.http.HttpServletResponse) Matchers.anyString(org.mockito.Matchers.anyString) Before(org.junit.Before)

Example 8 with SimpleSign

use of ddf.security.samlp.SimpleSign in project ddf by codice.

the class AssertionConsumerServiceTest method setUp.

/**
 * Builds an {@code AssertionConsumerService} that signs and verifies through a real
 * {@code SimpleSign} over {@code SystemCrypto} (only the {@code EncryptionService} is mocked),
 * and loads the canned SAML response, its deflated form and the IdP metadata from classpath
 * resources as UTF-8 text.
 */
@Before
public void setUp() throws Exception {
    // Crypto stack: constructed with the encryption.properties / signature.properties names.
    encryptionService = mock(EncryptionService.class);
    systemCrypto = new SystemCrypto("encryption.properties", "signature.properties", encryptionService);
    simpleSign = new SimpleSign(systemCrypto);

    // Relay state mock only knows the single value "fubar" and its encoded counterpart.
    relayStates = (RelayStates<String>) mock(RelayStates.class);
    when(relayStates.decode(RELAY_STATE_VAL)).thenReturn(LOCATION);
    when(relayStates.encode("fubar")).thenReturn(RELAY_STATE_VAL);

    sessionFactory = mock(SessionFactory.class);
    loginFilter = mock(javax.servlet.Filter.class);

    // The request reports itself as secure (isSecure() == true) with a dummy URL.
    httpRequest = mock(HttpServletRequest.class);
    when(httpRequest.isSecure()).thenReturn(true);
    when(httpRequest.getRequestURL()).thenReturn(new StringBuffer("fubar"));

    idpMetadata = new IdpMetadata();
    assertionConsumerService = new AssertionConsumerService(simpleSign, idpMetadata, systemCrypto, relayStates);
    assertionConsumerService.setRequest(httpRequest);
    assertionConsumerService.setLoginFilter(loginFilter);
    assertionConsumerService.setSessionFactory(sessionFactory);

    // Fixtures consumed by the individual tests.
    cannedResponse = Resources.toString(Resources.getResource(getClass(), "/SAMLResponse.xml"), Charsets.UTF_8);
    deflatedSamlResponse = Resources.toString(Resources.getResource(getClass(), "/DeflatedSAMLResponse.txt"), Charsets.UTF_8);

    // Metadata is supplied last, after the service already holds the IdpMetadata instance.
    String idpMetadataXml = Resources.toString(Resources.getResource(getClass(), "/IDPmetadata.xml"), Charsets.UTF_8);
    idpMetadata.setMetadata(idpMetadataXml);
}
Also used : SessionFactory(ddf.security.http.SessionFactory) HttpServletRequest(javax.servlet.http.HttpServletRequest) SimpleSign(ddf.security.samlp.SimpleSign) SystemCrypto(ddf.security.samlp.SystemCrypto) Filter(javax.servlet.Filter) EncryptionService(ddf.security.encryption.EncryptionService) Before(org.junit.Before)

Example 9 with SimpleSign

use of ddf.security.samlp.SimpleSign in project ddf by codice.

the class IdpEndpoint method getSamlRedirectResponse.

/**
 * Produces the redirect reply for a SAML message: the message is serialized, deflated and
 * Base64-encoded, URL-encoded, attached to {@code targetUrl} as a query parameter next to the
 * relay state, signed through {@code SimpleSign.signUriString}, and wrapped in the HTML
 * redirect page.
 *
 * <p>NOTE(review): the string handed over for signing carries {@code relayState} verbatim (the
 * text "null" when it is null, and without URL-encoding), while the URI receives "" for null
 * and goes through UriBuilder's own encoding. Confirm that {@code signUriString} and the
 * receiving validator work on the same bytes; otherwise a null or non-URL-safe relay state
 * would yield a signature that does not match the query string actually sent.
 *
 * <p>NOTE(review): {@code targetUrl} reaches the redirect page without any check in this
 * method; presumably the caller restricts it to a known endpoint. Confirm.
 *
 * @param samlResponse SAML object to send
 * @param targetUrl base URL the browser is redirected to
 * @param relayState relay state to echo back; may be null
 * @param samlType supplies the name of the query parameter that carries the message
 * @return a 200 response whose entity is the redirect page for the signed URI
 */
private Response getSamlRedirectResponse(XMLObject samlResponse, String targetUrl, String relayState, SamlProtocol.Type samlType) throws IOException, SimpleSign.SignatureException, WSSecurityException {
    LOGGER.debug("Signing SAML response for redirect.");

    // Scratch document with a placeholder root, used only as the owner for the DOM conversion.
    Document scratchDoc = DOMUtils.createDocument();
    scratchDoc.appendChild(scratchDoc.createElement("root"));

    String deflatedResponse = RestSecurity.deflateAndBase64Encode(
            DOM2Writer.nodeToString(OpenSAMLUtil.toDom(samlResponse, scratchDoc, false)));
    String encodedResponse = URLEncoder.encode(deflatedResponse, "UTF-8");

    // Signed content: "<key>=<encoded message>&RelayState=<relayState as given>".
    String messageParam = samlType.getKey();
    String requestToSign = messageParam + "=" + encodedResponse + "&RelayState=" + relayState;

    String relayStateParam = relayState;
    if (relayStateParam == null) {
        relayStateParam = "";
    }
    UriBuilder redirectUri = UriBuilder.fromUri(targetUrl);
    redirectUri.queryParam(messageParam, encodedResponse);
    redirectUri.queryParam(SSOConstants.RELAY_STATE, relayStateParam);

    // signUriString receives both the text to sign and the builder it is expected to extend.
    new SimpleSign(systemCrypto).signUriString(requestToSign, redirectUri);
    LOGGER.debug("Signing successful.");

    String redirectPage = HtmlResponseTemplate.getRedirectPage(redirectUri.build().toString());
    return Response.ok(redirectPage).build();
}
Also used : SimpleSign(ddf.security.samlp.SimpleSign) Document(org.w3c.dom.Document) UriBuilder(javax.ws.rs.core.UriBuilder)

Aggregations

SimpleSign (ddf.security.samlp.SimpleSign)9 EncryptionService (ddf.security.encryption.EncryptionService)5 Before (org.junit.Before)5 SystemCrypto (ddf.security.samlp.SystemCrypto)4 HttpServletRequest (javax.servlet.http.HttpServletRequest)3 UriBuilder (javax.ws.rs.core.UriBuilder)3 Document (org.w3c.dom.Document)3 SessionFactory (ddf.security.http.SessionFactory)2 Matchers.anyString (org.mockito.Matchers.anyString)2 SecurityTokenHolder (ddf.security.common.SecurityTokenHolder)1 RequestBuilder (ddf.security.liberty.paos.impl.RequestBuilder)1 ResponseBuilder (ddf.security.liberty.paos.impl.ResponseBuilder)1 LogoutMessage (ddf.security.samlp.LogoutMessage)1 RelayStates (ddf.security.samlp.impl.RelayStates)1 SamlValidator (ddf.security.samlp.impl.SamlValidator)1 InputStream (java.io.InputStream)1 StringWriter (java.io.StringWriter)1 Filter (javax.servlet.Filter)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 HttpSession (javax.servlet.http.HttpSession)1