Example 1 with AuthenticationRequest
use of oidc.model.AuthenticationRequest in project OpenConext-oidcng by OpenConext.
the class ResourceCleanerTest method clean.
@Test
public void clean() throws URISyntaxException {
Class[] classes = { User.class, UserConsent.class, AccessToken.class, RefreshToken.class, AuthorizationCode.class, AuthenticationRequest.class };
Stream.of(classes).forEach(clazz -> mongoTemplate.remove(new Query(), clazz));
Date expiresIn = Date.from(LocalDateTime.now().minusDays(1).atZone(ZoneId.systemDefault()).toInstant());
Stream.of(accessToken("value", expiresIn), refreshToken(expiresIn), new AuthorizationCode("code", "sub", "clientId", emptyList(), new URI("http://redirectURI"), "codeChallenge", "codeChallengeMethod", "nonce", emptyList(), true, expiresIn), new User("nope", "unspecifiedNameId", "authenticatingAuthority", "clientId", Collections.emptyMap(), Collections.emptyList()), new AuthenticationRequest(UUID.randomUUID().toString(), expiresIn, "clientID", "http://localhost/authorize"), userConsent()).forEach(o -> mongoTemplate.insert(o));
subject.clean();
Stream.of(classes).forEach(clazz -> assertEquals(0, mongoTemplate.findAll(clazz).size()));
}
Also used :
AuthorizationCode(oidc.model.AuthorizationCode)
User(oidc.model.User)
Query(org.springframework.data.mongodb.core.query.Query)
AuthenticationRequest(oidc.model.AuthenticationRequest)
URI(java.net.URI)
Date(java.util.Date)
AbstractIntegrationTest(oidc.AbstractIntegrationTest)
Test(org.junit.Test)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
Example 2 with AuthenticationRequest
use of oidc.model.AuthenticationRequest in project OpenConext-oidcng by OpenConext.
the class ConcurrentSavedRequestAwareAuthenticationSuccessHandler method onAuthenticationSuccess.
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException {
OidcSamlAuthentication samlAuthentication = (OidcSamlAuthentication) authentication;
AuthenticationRequest authenticationRequest = authenticationRequestRepository.findById(samlAuthentication.getAuthenticationRequestID()).orElseThrow(() -> new IllegalArgumentException("No Authentication Request found for ID: " + samlAuthentication.getAuthenticationRequestID()));
String originalRequestUrl = authenticationRequest.getOriginalRequestUrl();
getRedirectStrategy().sendRedirect(request, response, originalRequestUrl);
}
Also used :
AuthenticationRequest(oidc.model.AuthenticationRequest)
OidcSamlAuthentication(oidc.user.OidcSamlAuthentication)
Example 3 with AuthenticationRequest
use of oidc.model.AuthenticationRequest in project OpenConext-oidcng by OpenConext.
the class ResponseAuthenticationConverter method buildUser.
private User buildUser(Assertion assertion, String authenticationRequestID) {
List<AuthnStatement> authnStatements = assertion.getAuthnStatements();
AtomicReference<String> authenticatingAuthority = new AtomicReference<>();
if (!CollectionUtils.isEmpty(authnStatements)) {
authnStatements.stream().map(as -> as.getAuthnContext().getAuthenticatingAuthorities()).flatMap(List::stream).findAny().ifPresent(aa -> authenticatingAuthority.set(aa.getURI()));
}
// need to prevent NullPointer in HashMap merge
Map<String, Object> attributes = userAttributes.stream().filter(ua -> !ua.customMapping).map(ua -> new Object[] { ua.oidc, ua.multiValue ? getAttributeValues(ua.saml, assertion) : getAttributeValue(ua.saml, assertion) }).filter(oo -> oo[1] != null).collect(Collectors.toMap(oo -> (String) oo[0], oo -> oo[1]));
this.addDerivedAttributes(attributes);
AuthenticationRequest authenticationRequest = authenticationRequestRepository.findById(authenticationRequestID).orElseThrow(() -> new IllegalArgumentException("No Authentication Request found for ID: " + authenticationRequestID));
String clientId = authenticationRequest.getClientId();
String nameId = assertion.getSubject().getNameID().getValue();
String eduPersonTargetedId = getAttributeValue("urn:mace:dir:attribute-def:eduPersonTargetedID", assertion);
String collabPersonId = getAttributeValue("urn:mace:surf.nl:attribute-def:internal-collabPersonId", assertion);
String sub;
if (StringUtils.hasText(collabPersonId)) {
sub = nameId;
nameId = collabPersonId;
} else if (StringUtils.hasText(eduPersonTargetedId)) {
sub = eduPersonTargetedId;
} else {
sub = UUID.nameUUIDFromBytes((nameId + "_" + clientId).getBytes()).toString();
}
attributes.put("sub", sub);
List<String> acrClaims = assertion.getAuthnStatements().stream().map(authenticationStatement -> authenticationContextClassReference(authenticationStatement.getAuthnContext().getAuthnContextClassRef())).filter(Optional::isPresent).map(Optional::get).collect(toList());
return new User(sub, nameId, authenticatingAuthority.get(), clientId, attributes, acrClaims);
}
Also used :
java.util(java.util)
User(oidc.model.User)
OidcSamlAuthentication(oidc.user.OidcSamlAuthentication)
OpenSaml4AuthenticationProvider(org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider)
org.opensaml.core.xml.schema(org.opensaml.core.xml.schema)
AtomicReference(java.util.concurrent.atomic.AtomicReference)
Matcher(java.util.regex.Matcher)
TypeReference(com.fasterxml.jackson.core.type.TypeReference)
XMLObject(org.opensaml.core.xml.XMLObject)
UserAttribute(oidc.user.UserAttribute)
Resource(org.springframework.core.io.Resource)
Converter(org.springframework.core.convert.converter.Converter)
Saml2Authentication(org.springframework.security.saml2.provider.service.authentication.Saml2Authentication)
SessionAuthenticationException(org.springframework.security.web.authentication.session.SessionAuthenticationException)
org.opensaml.saml.saml2.core(org.opensaml.saml.saml2.core)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
IOException(java.io.IOException)
Collectors(java.util.stream.Collectors)
AuthenticationRequestRepository(oidc.repository.AuthenticationRequestRepository)
UserRepository(oidc.repository.UserRepository)
Collectors.toList(java.util.stream.Collectors.toList)
AuthenticationRequest(oidc.model.AuthenticationRequest)
CollectionUtils(org.springframework.util.CollectionUtils)
Log(org.apache.commons.logging.Log)
LogFactory(org.apache.commons.logging.LogFactory)
Pattern(java.util.regex.Pattern)
StringUtils(org.springframework.util.StringUtils)
User(oidc.model.User)
AtomicReference(java.util.concurrent.atomic.AtomicReference)
Collectors.toList(java.util.stream.Collectors.toList)
XMLObject(org.opensaml.core.xml.XMLObject)
AuthenticationRequest(oidc.model.AuthenticationRequest)
Example 4 with AuthenticationRequest
use of oidc.model.AuthenticationRequest in project OpenConext-oidcng by OpenConext.
the class ResponseAuthenticationConverterTest method login.
@Test
public void login() throws XMLParserException, UnmarshallingException, IOException, ClassNotFoundException, NoSuchMethodException, IllegalAccessException, InvocationTargetException, InstantiationException {
when(authenticationRequestRepository.findById(anyString())).thenReturn(Optional.of(new AuthenticationRequest("id", new Date(), "clientId", "http://some")));
OidcSamlAuthentication oidcSamlAuthentication = doLogin("saml/authn_response.xml");
User user = oidcSamlAuthentication.getUser();
String sub = user.getSub();
assertEquals("270E4CB4-1C2A-4A96-9AD3-F28C39AD1110", sub);
assertEquals("urn:collab:person:example.com:admin", oidcSamlAuthentication.getName());
assertEquals(3, ((List) user.getAttributes().get("eduperson_affiliation")).size());
}
Also used :
User(oidc.model.User)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
AuthenticationRequest(oidc.model.AuthenticationRequest)
Date(java.util.Date)
OidcSamlAuthentication(oidc.user.OidcSamlAuthentication)
Test(org.junit.Test)
Example 5 with AuthenticationRequest
use of oidc.model.AuthenticationRequest in project OpenConext-oidcng by OpenConext.
the class ResponseAuthenticationConverterTest method loginWithNoAuthnContext.
@Test
public void loginWithNoAuthnContext() throws XMLParserException, UnmarshallingException, IOException, ClassNotFoundException, NoSuchMethodException, IllegalAccessException, InvocationTargetException, InstantiationException {
when(authenticationRequestRepository.findById(anyString())).thenReturn(Optional.of(new AuthenticationRequest("id", new Date(), "clientId", "http://some")));
OidcSamlAuthentication oidcSamlAuthentication = doLogin("saml/no_authn_context_response.xml");
assertEquals("urn:collab:person:example.com:admin", oidcSamlAuthentication.getName());
List<String> acrClaims = oidcSamlAuthentication.getUser().getAcrClaims();
assertEquals(1, acrClaims.size());
assertEquals("urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified", acrClaims.get(0));
}
Also used :
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
AuthenticationRequest(oidc.model.AuthenticationRequest)
Date(java.util.Date)
OidcSamlAuthentication(oidc.user.OidcSamlAuthentication)
Test(org.junit.Test)
Aggregations
AuthenticationRequest (oidc.model.AuthenticationRequest)10
Date (java.util.Date)8
OidcSamlAuthentication (oidc.user.OidcSamlAuthentication)7
Test (org.junit.Test)7
User (oidc.model.User)3
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)3
URI (java.net.URI)2
AuthenticationRequestRepository (oidc.repository.AuthenticationRequestRepository)2
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)2
OpenSaml4AuthenticationProvider (org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider)2
TypeReference (com.fasterxml.jackson.core.type.TypeReference)1
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1
IOException (java.io.IOException)1
java.util (java.util)1
AtomicReference (java.util.concurrent.atomic.AtomicReference)1
Matcher (java.util.regex.Matcher)1
Pattern (java.util.regex.Pattern)1
Collectors (java.util.stream.Collectors)1
Collectors.toList (java.util.stream.Collectors.toList)1
AbstractIntegrationTest (oidc.AbstractIntegrationTest)1
