Examples with SamlSecurity org.codice.ddf.security.jaxrs.impl.SamlSecurity used on opensource projects

Example 1 with SamlSecurity

use of org.codice.ddf.security.jaxrs.impl.SamlSecurity in project ddf by codice.

the class AssertionConsumerServiceTest method setup.

@Before
public void setup() throws Exception {
    MockitoAnnotations.initMocks(this);
    systemCrypto = new SystemCrypto("encryption.properties", "signature.properties", encryptionService);
    simpleSign = new SimpleSign(systemCrypto);
    idpMetadata = new IdpMetadata();
    idpMetadata.setMetadata(metadata);
    // stubs
    when(relayStates.encode(REQUEST_URL)).thenReturn(RELAY_STATE_VAL);
    when(relayStates.decode(RELAY_STATE_VAL)).thenReturn(LOCATION);
    when(principal.getName()).thenReturn(SUBJECT_NAME);
    when(securityToken.getPrincipal()).thenReturn(principal);
    when(principalHolder.getPrincipals()).thenReturn(null);
    when(session.getAttribute(SAML_PROPERTY_KEY)).thenReturn(principalHolder);
    when(session.getId()).thenReturn(SESSION_ID);
    when(sessionFactory.getOrCreateSession(any(HttpServletRequest.class))).thenReturn(session);
    when(httpRequest.getServerName()).thenReturn(HOST);
    when(httpRequest.getRequestURL()).thenReturn(new StringBuffer(REQUEST_URL));
    when(httpRequest.isSecure()).thenReturn(true);
    when(securityAssertion.getToken()).thenReturn(securityToken);
    List<Object> principalList = Arrays.asList(securityAssertion);
    when(principalCollection.asList()).thenReturn(principalList);
    when(subject.getPrincipals()).thenReturn(principalCollection);
    assertionConsumerService = new AssertionConsumerService(simpleSign, idpMetadata, systemCrypto, relayStates);
    assertionConsumerService.setRequest(httpRequest);
    assertionConsumerService.setLoginFilter(loginFilter);
    assertionConsumerService.setSessionFactory(sessionFactory);
    assertionConsumerService.setContextPolicyManager(contextPolicyManager);
    assertionConsumerService.setSamlSecurity(new SamlSecurity());
}

Example 2 with SamlSecurity

use of org.codice.ddf.security.jaxrs.impl.SamlSecurity in project ddf by codice.

the class LogoutRequestServiceTest method testGetLogoutRequestInvalidSignature.

@Test
public void testGetLogoutRequestInvalidSignature() throws Exception {
    SamlSecurity samlSecurity = new SamlSecurity();
    String deflatedSamlRequest = samlSecurity.deflateAndBase64Encode(UNENCODED_SAML_REQUEST);
    LogoutRequest logoutRequest = mock(LogoutRequest.class);
    LogoutWrapper<LogoutRequest> requestLogoutWrapper = new LogoutWrapperImpl<>(logoutRequest);
    when(logoutMessage.extractSamlLogoutRequest(eq(UNENCODED_SAML_REQUEST))).thenReturn(requestLogoutWrapper);
    logoutRequestService.setLogoutMessage(logoutMessage);
    LogoutRequestService lrs = new LogoutRequestService(simpleSign, idpMetadata, relayStates);
    lrs.setEncryptionService(encryptionService);
    lrs.setLogOutPageTimeOut(LOGOUT_PAGE_TIMEOUT);
    lrs.setLogoutMessage(logoutMessage);
    lrs.setRequest(request);
    lrs.setSessionFactory(sessionFactory);
    lrs.setSamlSecurity(samlSecurity);
    lrs.init();
    doReturn(new URI(redirectLogoutUrl)).when(logoutMessage).signSamlGetResponse(any(LogoutWrapper.class), any(URI.class), anyString());
    insertLogoutRequest();
    Response response = lrs.getLogoutRequest(deflatedSamlRequest, null, relayState, SIGNATURE_ALGORITHM, SIGNATURE);
    assertEquals(Response.Status.SEE_OTHER.getStatusCode(), response.getStatus());
    String msg = UNABLE_TO_VALIDATE_LOGOUT_REQUEST.replaceAll(" ", "+");
    assertTrue("Expected message containing " + msg, response.getLocation().getQuery().contains(msg));
}

Example 3 with SamlSecurity

use of org.codice.ddf.security.jaxrs.impl.SamlSecurity in project ddf by codice.

the class LogoutRequestServiceTest method testGetLogoutRequestNotParsable.

@Test
public void testGetLogoutRequestNotParsable() throws Exception {
    SamlSecurity samlSecurity = new SamlSecurity();
    String deflatedSamlRequest = samlSecurity.deflateAndBase64Encode(UNENCODED_SAML_REQUEST);
    when(logoutMessage.extractSamlLogoutRequest(eq(UNENCODED_SAML_REQUEST))).thenReturn(null);
    logoutRequestService.setLogoutMessage(logoutMessage);
    Response response = logoutRequestService.getLogoutRequest(deflatedSamlRequest, null, relayState, SIGNATURE_ALGORITHM, SIGNATURE);
    assertEquals(Response.Status.SEE_OTHER.getStatusCode(), response.getStatus());
    String msg = LogoutRequestService.UNABLE_TO_PARSE_LOGOUT_REQUEST.replaceAll(" ", "+");
    assertTrue("Expected message containing " + msg, response.getLocation().getQuery().contains(msg));
}

Example 4 with SamlSecurity

use of org.codice.ddf.security.jaxrs.impl.SamlSecurity in project ddf by codice.

the class LogoutRequestServiceTest method testGetLogoutRequestResponse.

@Test
public void testGetLogoutRequestResponse() throws Exception {
    SamlSecurity samlSecurity = new SamlSecurity();
    String deflatedSamlResponse = samlSecurity.deflateAndBase64Encode(UNENCODED_SAML_RESPONSE);
    LogoutResponse logoutResponse = mock(LogoutResponse.class);
    when(logoutResponse.getIssueInstant()).thenReturn(new DateTime());
    when(logoutResponse.getVersion()).thenReturn(SAMLVersion.VERSION_20);
    when(logoutResponse.getID()).thenReturn("id");
    LogoutWrapper<LogoutResponse> responseLogoutWrapper = new LogoutWrapperImpl<>(logoutResponse);
    when(logoutMessage.extractSamlLogoutResponse(eq(UNENCODED_SAML_RESPONSE))).thenReturn(responseLogoutWrapper);
    logoutRequestService.setLogoutMessage(logoutMessage);
    doReturn(true).when(simpleSign).validateSignature(anyString(), anyString(), anyString(), anyString());
    Response response = logoutRequestService.getLogoutRequest(null, deflatedSamlResponse, relayState, SIGNATURE_ALGORITHM, SIGNATURE);
    initializeLogoutRequestService();
    assertEquals(Response.Status.SEE_OTHER.getStatusCode(), response.getStatus());
    assertTrue("Expected a successful logout message", response.getLocation().toString().contains("logged+out+successfully."));
}

Example 5 with SamlSecurity

use of org.codice.ddf.security.jaxrs.impl.SamlSecurity in project ddf by codice.

the class LogoutRequestServiceTest method testGetLogoutRequestNoSessionIndex.

@Test
public void testGetLogoutRequestNoSessionIndex() throws Exception {
    SamlSecurity samlSecurity = new SamlSecurity();
    String deflatedSamlRequest = samlSecurity.deflateAndBase64Encode(UNENCODED_SAML_REQUEST);
    doReturn(true).when(simpleSign).validateSignature(anyString(), anyString(), anyString(), any());
    initializeLogoutRequestService();
    LogoutRequest logoutRequest = mock(LogoutRequest.class);
    LogoutWrapper logoutRequestWrapper = mock(LogoutWrapper.class);
    doReturn(logoutRequest).when(logoutRequestWrapper).getMessage();
    // No session index
    doReturn(Collections.EMPTY_LIST).when(logoutRequest).getSessionIndexes();
    doReturn(DateTime.now()).when(logoutRequest).getIssueInstant();
    doReturn(SAMLVersion.VERSION_20).when(logoutRequest).getVersion();
    doReturn(ID).when(logoutRequest).getID();
    doReturn(logoutRequestWrapper).when(logoutMessage).extractSamlLogoutRequest(eq(UNENCODED_SAML_REQUEST));
    LogoutResponse logoutResponse = mock(LogoutResponse.class);
    LogoutWrapper<LogoutResponse> responseLogoutWrapper = new LogoutWrapperImpl<>(logoutResponse);
    when(logoutMessage.buildLogoutResponse(anyString(), anyString(), anyString())).thenReturn(responseLogoutWrapper);
    when(logoutMessage.signSamlGetResponse(any(LogoutWrapper.class), any(URI.class), anyString())).thenReturn(new URI(redirectLogoutUrl));
    logoutRequestService.setLogoutMessage(logoutMessage);
    Response response = logoutRequestService.getLogoutRequest(deflatedSamlRequest, null, relayState, SIGNATURE_ALGORITHM, SIGNATURE);
    assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
    assertTrue("Expected logout url of " + redirectLogoutUrl, response.getEntity().toString().contains(redirectLogoutUrl));
}