use of oidc.model.AuthenticationRequest in project OpenConext-oidcng by OpenConext.
the class ResourceCleanerTest method clean.
/**
 * Checks that {@code subject.clean()} leaves every collection listed below empty.
 *
 * <p>The collections are purged first so the test starts from a known state. One document
 * per type is then inserted; the ones that carry an expiry use a timestamp one day in the past.
 */
@Test
public void clean() throws URISyntaxException {
    Class[] documentTypes = {
            User.class,
            UserConsent.class,
            AccessToken.class,
            RefreshToken.class,
            AuthorizationCode.class,
            AuthenticationRequest.class
    };

    // Purge whatever earlier tests left behind; an empty Query matches every document.
    for (Class documentType : documentTypes) {
        mongoTemplate.remove(new Query(), documentType);
    }

    // Expiry timestamp that is already 24 hours old when clean() runs.
    LocalDateTime yesterday = LocalDateTime.now().minusDays(1);
    Date expiresIn = Date.from(yesterday.atZone(ZoneId.systemDefault()).toInstant());

    Stream.of(
            accessToken("value", expiresIn),
            refreshToken(expiresIn),
            new AuthorizationCode("code", "sub", "clientId", emptyList(), new URI("http://redirectURI"),
                    "codeChallenge", "codeChallengeMethod", "nonce", emptyList(), true, expiresIn),
            new User("nope", "unspecifiedNameId", "authenticatingAuthority", "clientId",
                    Collections.emptyMap(), Collections.emptyList()),
            new AuthenticationRequest(UUID.randomUUID().toString(), expiresIn, "clientID",
                    "http://localhost/authorize"),
            userConsent()
    ).forEach(document -> mongoTemplate.insert(document));

    subject.clean();

    // Nothing may survive the clean-up in any of the collections.
    for (Class documentType : documentTypes) {
        assertEquals(0, mongoTemplate.findAll(documentType).size());
    }
}
use of oidc.model.AuthenticationRequest in project OpenConext-oidcng by OpenConext.
the class ConcurrentSavedRequestAwareAuthenticationSuccessHandler method onAuthenticationSuccess.
/**
 * Sends the browser back to the URL that was stored with the authentication request
 * referenced by the successful SAML authentication.
 *
 * @param request        the current servlet request
 * @param response       the response the redirect is written to
 * @param authentication the completed authentication; cast to {@link OidcSamlAuthentication}
 * @throws IOException              declared for the redirect call
 * @throws IllegalArgumentException if no authentication request exists for the ID carried by
 *                                  the authentication
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException {
    // Any other Authentication implementation fails here with a ClassCastException.
    OidcSamlAuthentication oidcSamlAuthentication = (OidcSamlAuthentication) authentication;
    String authenticationRequestId = oidcSamlAuthentication.getAuthenticationRequestID();

    AuthenticationRequest storedRequest = authenticationRequestRepository
            .findById(authenticationRequestId)
            .orElseThrow(() -> new IllegalArgumentException("No Authentication Request found for ID: " + authenticationRequestId));

    // The redirect target is read from the persisted request, not from parameters of this request.
    // NOTE(review): presumably the URL was recorded when the authorize request first arrived;
    // confirm that the code storing it only ever records this service's own URL, since this
    // method redirects to it without further validation.
    String redirectTarget = storedRequest.getOriginalRequestUrl();
    getRedirectStrategy().sendRedirect(request, response, redirectTarget);
}
use of oidc.model.AuthenticationRequest in project OpenConext-oidcng by OpenConext.
the class ResponseAuthenticationConverter method buildUser.
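/**
 * Builds the OIDC {@link User} from a SAML assertion and the stored authentication request.
 *
 * <p>The {@code sub} claim is chosen in this order:
 * <ol>
 *   <li>if the internal-collabPersonId attribute has text, the SAML NameID becomes the
 *       {@code sub} and the collabPersonId is used as the user's name ID;</li>
 *   <li>otherwise, if eduPersonTargetedID has text, that value is the {@code sub};</li>
 *   <li>otherwise a name-based UUID derived from {@code nameId + "_" + clientId}.</li>
 * </ol>
 *
 * @param assertion               the SAML assertion to read the subject, statements and attributes from
 * @param authenticationRequestID ID of the stored authentication request that supplies the client ID
 * @return the user with its sub, name ID, authenticating authority, client ID, attributes and acr claims
 * @throws IllegalArgumentException if no authentication request exists for the given ID
 */
private User buildUser(Assertion assertion, String authenticationRequestID) {
    List<AuthnStatement> authnStatements = assertion.getAuthnStatements();

    // URI of any one AuthenticatingAuthority in the statements; stays null when there is none.
    String authenticatingAuthority = null;
    if (!CollectionUtils.isEmpty(authnStatements)) {
        authenticatingAuthority = authnStatements.stream()
                .map(as -> as.getAuthnContext().getAuthenticatingAuthorities())
                .flatMap(List::stream)
                .findAny()
                .map(aa -> aa.getURI())
                .orElse(null);
    }

    // Collectors.toMap rejects null values (NullPointerException in HashMap.merge), so
    // attributes without a value are filtered out before collecting.
    Map<String, Object> attributes = userAttributes.stream()
            .filter(ua -> !ua.customMapping)
            .map(ua -> new Object[] { ua.oidc, ua.multiValue ? getAttributeValues(ua.saml, assertion) : getAttributeValue(ua.saml, assertion) })
            .filter(oo -> oo[1] != null)
            .collect(Collectors.toMap(oo -> (String) oo[0], oo -> oo[1]));
    this.addDerivedAttributes(attributes);

    // The client ID comes from the stored authentication request, never from the assertion.
    AuthenticationRequest authenticationRequest = authenticationRequestRepository.findById(authenticationRequestID)
            .orElseThrow(() -> new IllegalArgumentException("No Authentication Request found for ID: " + authenticationRequestID));
    String clientId = authenticationRequest.getClientId();

    String nameId = assertion.getSubject().getNameID().getValue();
    String eduPersonTargetedId = getAttributeValue("urn:mace:dir:attribute-def:eduPersonTargetedID", assertion);
    String collabPersonId = getAttributeValue("urn:mace:surf.nl:attribute-def:internal-collabPersonId", assertion);

    String sub;
    if (StringUtils.hasText(collabPersonId)) {
        sub = nameId;
        nameId = collabPersonId;
    } else if (StringUtils.hasText(eduPersonTargetedId)) {
        sub = eduPersonTargetedId;
    } else {
        // Fixed charset: the derived sub must not depend on the JVM's default encoding, otherwise
        // the same nameId can map to different subs on differently configured hosts. The result is
        // identical to the previous getBytes() wherever the default charset is UTF-8 or the input
        // is ASCII. Fully qualified because the file's import block is not visible here.
        // nameUUIDFromBytes yields a deterministic type-3 (MD5-based) UUID: stable per
        // nameId/clientId pair, but computable by anyone who knows both values.
        sub = UUID.nameUUIDFromBytes((nameId + "_" + clientId).getBytes(java.nio.charset.StandardCharsets.UTF_8)).toString();
    }
    attributes.put("sub", sub);

    // NOTE(review): unlike the guard above, this dereferences getAuthnStatements() and each
    // statement's AuthnContext without a null check.
    List<String> acrClaims = assertion.getAuthnStatements().stream()
            .map(authenticationStatement -> authenticationContextClassReference(authenticationStatement.getAuthnContext().getAuthnContextClassRef()))
            .filter(Optional::isPresent)
            .map(Optional::get)
            .collect(toList());

    return new User(sub, nameId, authenticatingAuthority, clientId, attributes, acrClaims);
}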
use of oidc.model.AuthenticationRequest in project OpenConext-oidcng by OpenConext.
the class ResponseAuthenticationConverterTest method login.
/**
 * Logs in with the {@code saml/authn_response.xml} fixture and checks the resulting user's
 * sub, the authentication name and the number of eduperson_affiliation values.
 */
@Test
public void login() throws XMLParserException, UnmarshallingException, IOException, ClassNotFoundException, NoSuchMethodException, IllegalAccessException, InvocationTargetException, InstantiationException {
    // Any ID resolves to the same stored authentication request for client "clientId".
    AuthenticationRequest storedRequest = new AuthenticationRequest("id", new Date(), "clientId", "http://some");
    when(authenticationRequestRepository.findById(anyString())).thenReturn(Optional.of(storedRequest));

    OidcSamlAuthentication authentication = doLogin("saml/authn_response.xml");
    User authenticatedUser = authentication.getUser();

    assertEquals("270E4CB4-1C2A-4A96-9AD3-F28C39AD1110", authenticatedUser.getSub());
    assertEquals("urn:collab:person:example.com:admin", authentication.getName());

    // The attribute is stored as an untyped value, hence the cast before counting.
    List<?> affiliations = (List<?>) authenticatedUser.getAttributes().get("eduperson_affiliation");
    assertEquals(3, affiliations.size());
}
use of oidc.model.AuthenticationRequest in project OpenConext-oidcng by OpenConext.
the class ResponseAuthenticationConverterTest method loginWithNoAuthnContext.
/**
 * Logs in with the {@code saml/no_authn_context_response.xml} fixture and checks that the user
 * ends up with exactly one acr claim, the SAML "unspecified" authentication context class.
 */
@Test
public void loginWithNoAuthnContext() throws XMLParserException, UnmarshallingException, IOException, ClassNotFoundException, NoSuchMethodException, IllegalAccessException, InvocationTargetException, InstantiationException {
    // Any ID resolves to the same stored authentication request for client "clientId".
    AuthenticationRequest storedRequest = new AuthenticationRequest("id", new Date(), "clientId", "http://some");
    when(authenticationRequestRepository.findById(anyString())).thenReturn(Optional.of(storedRequest));

    OidcSamlAuthentication authentication = doLogin("saml/no_authn_context_response.xml");
    assertEquals("urn:collab:person:example.com:admin", authentication.getName());

    List<String> acr = authentication.getUser().getAcrClaims();
    assertEquals(1, acr.size());
    assertEquals("urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified", acr.get(0));
}
Aggregations