Example 26 with CriteriaSet

Use of net.shibboleth.utilities.java.support.resolver.CriteriaSet in the project cas by apereo.

The class SamlRegisteredServiceMetadataExpirationPolicyTests, method verifyPolicyByEntityCache.

@Test
public void verifyPolicyByEntityCache() throws Exception {
    val policy = new SamlRegisteredServiceMetadataExpirationPolicy(Beans.newDuration("PT5M"));
    val props = new SamlIdPProperties();
    props.getMetadata().getFileSystem().setLocation(new FileSystemResource(FileUtils.getTempDirectory()).getFile().getCanonicalPath());
    val service = new SamlRegisteredService();
    service.setMetadataExpirationDuration(StringUtils.EMPTY);
    service.setServiceId("https://carmenwiki.osu.edu/shibboleth");
    service.setMetadataLocation("classpath:GroovyMetadataResolver.groovy");
    val cacheKey = new SamlRegisteredServiceCacheKey(service, new CriteriaSet());
    val resolver = mock(MetadataResolver.class);
    val entity = mock(EntityDescriptor.class);
    val entityCacheDuration = Duration.ofSeconds(10);
    when(entity.getCacheDuration()).thenReturn(entityCacheDuration);
    when(resolver.resolveSingle(any())).thenReturn(entity);
    assertEquals(entityCacheDuration.toNanos(), policy.expireAfterCreate(cacheKey, resolver, System.currentTimeMillis()));
    when(resolver.resolveSingle(any())).thenThrow(new IllegalArgumentException());
    assertEquals(policy.getDefaultExpiration(), policy.expireAfterCreate(cacheKey, resolver, System.currentTimeMillis()));
    assertEquals(policy.getDefaultExpiration(), policy.expireAfterUpdate(cacheKey, resolver, 1000, policy.getDefaultExpiration()));
}

Example 27 with CriteriaSet

Use of net.shibboleth.utilities.java.support.resolver.CriteriaSet in the project cas by apereo.

The class MetadataQueryProtocolMetadataResolver, method fetchMetadata.

@Override
protected HttpResponse fetchMetadata(final SamlRegisteredService service, final String metadataLocation, final CriteriaSet criteriaSet, final File backupFile) {
    val metadata = samlIdPProperties.getMetadata().getMdq();
    val headers = new LinkedHashMap<String, Object>();
    headers.put("Content-Type", metadata.getSupportedContentTypes());
    headers.put("Accept", "*/*");
    val path = backupFile.toPath();
    if (Files.exists(path)) {
        Unchecked.consumer(store -> {
            val etag = new String((byte[]) Files.getAttribute(path, "user:ETag"), StandardCharsets.UTF_8).trim();
            headers.put("If-None-Match", etag);
        }).accept(path);
    }
    LOGGER.trace("Fetching metadata via MDQ for [{}]", metadataLocation);
    val exec = HttpUtils.HttpExecutionRequest.builder().basicAuthPassword(metadata.getBasicAuthnPassword()).basicAuthUsername(metadata.getBasicAuthnUsername()).method(HttpMethod.GET).url(metadataLocation).headers(headers).proxyUrl(service.getMetadataProxyLocation()).build();
    val response = HttpUtils.execute(exec);
    if (response == null) {
        LOGGER.error("Unable to fetch metadata from [{}]", metadataLocation);
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE);
    }
    return response;
}

Example 28 with CriteriaSet

Use of net.shibboleth.utilities.java.support.resolver.CriteriaSet in the project cas by apereo.

The class InMemoryResourceMetadataResolverTests, method verifyInvalidExpiredMetadataResourceIsOkay.

@Test
public void verifyInvalidExpiredMetadataResourceIsOkay() throws Exception {
    val resolver = new InMemoryResourceMetadataResolver(new ClassPathResource("metadata/metadata-expired.xml"), configBean);
    resolver.setRequireValidMetadata(false);
    resolver.setId(UUID.randomUUID().toString());
    resolver.initialize();
    val criteriaSet = new CriteriaSet();
    criteriaSet.add(new EntityIdCriterion("urn:app.e2ma.net"));
    criteriaSet.add(new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME));
    val resolved = resolver.resolve(criteriaSet);
    assertFalse(Iterables.isEmpty(resolved));
}

Example 29 with CriteriaSet

Use of net.shibboleth.utilities.java.support.resolver.CriteriaSet in the project cas by apereo.

The class InMemoryResourceMetadataResolverTests, method verifyExpiredValidUntilMetadataResource.

@Test
public void verifyExpiredValidUntilMetadataResource() throws Exception {
    val resolver = new InMemoryResourceMetadataResolver(new ClassPathResource("metadata/metadata-expired.xml"), configBean);
    resolver.setId(UUID.randomUUID().toString());
    resolver.initialize();
    val criteriaSet = new CriteriaSet();
    criteriaSet.add(new EntityIdCriterion("urn:app.e2ma.net"));
    criteriaSet.add(new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME));
    val resolved = resolver.resolve(criteriaSet);
    assertTrue(Iterables.isEmpty(resolved));
}

Example 30 with CriteriaSet

Use of net.shibboleth.utilities.java.support.resolver.CriteriaSet in the project verify-hub by alphagov.

The class IdpSingleSignOnServiceHelperTest, method setUp.

@BeforeEach
public void setUp() throws ResolverException, MarshallingException, SignatureException {
    CriteriaSet criteria = new CriteriaSet(new EntityIdCriterion(idpEntityId));
    EntityDescriptor idpEntityDescriptor = anEntityDescriptor().withIdpSsoDescriptor(anIdpSsoDescriptor().withSingleSignOnService(anEndpoint().withLocation(idpSSOUri.toASCIIString()).buildSingleSignOnService()).build()).build();
    when(metadataProvider.resolveSingle(eq(criteria))).thenReturn(idpEntityDescriptor);
    when(metadataProvider.resolveSingle(not(eq(criteria)))).thenReturn(null);
    idpSingleSignOnServiceHelper = new IdpSingleSignOnServiceHelper(metadataProvider);
}
