use of org.opensaml.core.criterion.EntityIdCriterion in project cas by apereo.
the class SamlRegisteredServiceDefaultCachingMetadataResolverTests method getCriteriaFor.
/**
 * Builds the lookup criteria these tests use to resolve metadata for one
 * service provider: the entity id plus the SPSSODescriptor role, so that only
 * the SP role of exactly that entity can match.
 *
 * @param entityId the SAML entity id to look up
 * @return a criteria set holding an {@link EntityIdCriterion} and an SP-role
 *         {@link EntityRoleCriterion}
 */
private static CriteriaSet getCriteriaFor(final String entityId) {
    final EntityIdCriterion byEntityId = new EntityIdCriterion(entityId);
    final EntityRoleCriterion asServiceProvider =
        new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    return new CriteriaSet(byEntityId, asServiceProvider);
}
use of org.opensaml.core.criterion.EntityIdCriterion in project cas by apereo.
the class DefaultDelegatedClientAuthenticationWebflowManagerTests method setupTestContextFor.
/**
 * Builds a pac4j SAML2 client plus a SAML2 message context wired up the way the
 * delegated-authentication flow expects: the peer (IdP) side resolved from the
 * bundled idp-metadata.xml fixture and the self (SP) side resolved from the
 * client's generated SP metadata. Uses the test's {@code context} web context.
 *
 * @param spMetadataPath where the generated SP metadata should be written
 * @param spEntityId     entity id to assign to the generated SP
 * @return the initialized client and the prepared message context
 * @throws Exception if metadata cannot be resolved or the client fails to initialize
 */
private Pair<SAML2Client, SAML2MessageContext> setupTestContextFor(final String spMetadataPath, final String spEntityId) throws Exception {
    // IdP metadata fixture shipped with the test resources
    val idpMetadata = new File("src/test/resources/idp-metadata.xml").getCanonicalPath();
    // NOTE(review): a fixed file name under the shared temp directory is shared by
    // every concurrent run of this test (and by anything else on the host using
    // the same /tmp); a per-test Files.createTempFile(...) would avoid collisions
    // and clobbering — confirm pac4j accepts a pre-existing (empty) keystore file
    // with forceKeystoreGeneration before changing it.
    val keystorePath = new File(FileUtils.getTempDirectory(), "keystore").getCanonicalPath();
    // "changeit" is the keystore and private-key password of a throwaway, freshly
    // generated keystore — test-only, never reuse for real material
    val saml2ClientConfiguration = new SAML2Configuration(keystorePath, "changeit", "changeit", idpMetadata);
    saml2ClientConfiguration.setServiceProviderEntityId(spEntityId);
    saml2ClientConfiguration.setServiceProviderMetadataPath(spMetadataPath);
    // force regeneration so a stale keystore / SP metadata from an earlier run
    // cannot leak into this test
    saml2ClientConfiguration.setForceKeystoreGeneration(true);
    saml2ClientConfiguration.setForceServiceProviderMetadataGeneration(true);
    saml2ClientConfiguration.init();
    val saml2Client = new SAML2Client(saml2ClientConfiguration);
    // plain-http callback is fine here: nothing is sent, the URL is only metadata
    saml2Client.setCallbackUrl("http://callback.example.org");
    saml2Client.init();
    val saml2MessageContext = new SAML2MessageContext();
    saml2MessageContext.setSaml2Configuration(saml2ClientConfiguration);
    saml2MessageContext.setWebContext(context);
    // peer = the IdP; the boolean asks getSubcontext to create the subcontext when absent
    val peer = saml2MessageContext.getMessageContext().getSubcontext(SAMLPeerEntityContext.class, true);
    assertNotNull(peer);
    // must match the entityID declared in idp-metadata.xml or resolution below returns nothing
    peer.setEntityId("https://cas.example.org/idp");
    val md = peer.getSubcontext(SAMLMetadataContext.class, true);
    assertNotNull(md);
    // resolve the IdP's IDPSSODescriptor out of the client's IdP metadata resolver
    val roleDescriptorResolver = new PredicateRoleDescriptorResolver(saml2Client.getIdpMetadataResolver().resolve());
    roleDescriptorResolver.initialize();
    md.setRoleDescriptor(roleDescriptorResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(Objects.requireNonNull(peer.getEntityId())), new EntityRoleCriterion(IDPSSODescriptor.DEFAULT_ELEMENT_NAME))));
    // self = this SP; its entity id is the one we just configured
    val self = saml2MessageContext.getMessageContext().getSubcontext(SAMLSelfEntityContext.class, true);
    assertNotNull(self);
    self.setEntityId(saml2ClientConfiguration.getServiceProviderEntityId());
    val sp = self.getSubcontext(SAMLMetadataContext.class, true);
    assertNotNull(sp);
    // same resolution for the SPSSODescriptor, from the generated SP metadata
    val spResolver = new PredicateRoleDescriptorResolver(saml2Client.getSpMetadataResolver().resolve());
    spResolver.initialize();
    sp.setRoleDescriptor(spResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(Objects.requireNonNull(self.getEntityId())), new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME))));
    return Pair.of(saml2Client, saml2MessageContext);
}
use of org.opensaml.core.criterion.EntityIdCriterion in project cas by apereo.
the class InMemoryResourceMetadataResolverTests method verifyValidMetadataResource.
/**
 * Resolving a known service provider out of a well-formed classpath metadata
 * resource must return at least one entity descriptor.
 *
 * @throws Exception if the resolver cannot be initialized
 */
@Test
public void verifyValidMetadataResource() throws Exception {
    final InMemoryResourceMetadataResolver metadataResolver =
        new InMemoryResourceMetadataResolver(new ClassPathResource("metadata/metadata-valid.xml"), configBean);
    // give the resolver a unique id before initializing it
    metadataResolver.setId(UUID.randomUUID().toString());
    metadataResolver.initialize();

    // look for the SP role of this specific entity only
    final CriteriaSet lookup = new CriteriaSet(
        new EntityIdCriterion("urn:app.e2ma.net"),
        new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME));
    assertFalse(Iterables.isEmpty(metadataResolver.resolve(lookup)));
}
use of org.opensaml.core.criterion.EntityIdCriterion in project verify-hub by alphagov.
the class IdpSingleSignOnServiceHelper method getSingleSignOn.
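/**
 * Looks up the SingleSignOnService location of the IdP identified by
 * {@code entityId} in the configured metadata.
 *
 * <p>Resolution goes through {@code metadataProvider}; whatever trust decision is
 * made about the metadata (signature verification, allowed sources) is that
 * provider's responsibility — this method only reads what it returns. When the
 * entity advertises several SingleSignOnService endpoints the first one listed is
 * used, regardless of binding, and a warning is logged so the choice is visible.
 *
 * @param entityId SAML entity id of the IdP
 * @return the first SingleSignOnService location for that IdP
 * @throws RuntimeException if the metadata provider fails to resolve
 * @throws ApplicationException ({@code NOT_FOUND}) when no entity descriptor, no
 *         SAML 2.0 IDPSSODescriptor, no SingleSignOnService, or no Location is
 *         present for that entity
 */
public URI getSingleSignOn(String entityId) {
    EntityDescriptor idpEntityDescriptor;
    try {
        CriteriaSet criteria = new CriteriaSet(new EntityIdCriterion(entityId));
        idpEntityDescriptor = metadataProvider.resolveSingle(criteria);
    } catch (ResolverException e) {
        // hand the throwable to the logger as well so the stack trace is kept
        LOG.log(Level.SEVERE, format("Exception when accessing metadata: {0}", e), e);
        throw new RuntimeException(e);
    }
    if (idpEntityDescriptor == null) {
        throw notFound(entityId);
    }
    // getIDPSSODescriptor returns null when the entity has no IdP role for
    // SAML 2.0 (e.g. an SP-only entity); that used to surface as an NPE here
    final IDPSSODescriptor idpssoDescriptor = idpEntityDescriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
    if (idpssoDescriptor == null) {
        LOG.log(Level.SEVERE, format("No IDPSSODescriptor present for IDP entityId: {0}", entityId));
        throw notFound(entityId);
    }
    final List<SingleSignOnService> singleSignOnServices = idpssoDescriptor.getSingleSignOnServices();
    if (singleSignOnServices.isEmpty()) {
        LOG.log(Level.SEVERE, format("No singleSignOnServices present for IDP entityId: {0}", entityId));
        throw notFound(entityId);
    }
    if (singleSignOnServices.size() > 1) {
        LOG.log(Level.WARNING, format("More than one singleSignOnService present: {0} for {1}", singleSignOnServices.size(), entityId));
    }
    // Location is optional in the schema; URI.create(null) would throw NPE
    final String location = singleSignOnServices.get(0).getLocation();
    if (location == null) {
        LOG.log(Level.SEVERE, format("singleSignOnService without Location for IDP entityId: {0}", entityId));
        throw notFound(entityId);
    }
    return URI.create(location);
}

/** Builds the NOT_FOUND exception raised whenever no usable SSO endpoint exists for the entity. */
private static RuntimeException notFound(String entityId) {
    return ApplicationException.createUnauditedException(ExceptionType.NOT_FOUND, UUID.randomUUID(), new RuntimeException(format("no entity descriptor for IDP: {0}", entityId)));
}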