Search in sources :

Example 56 with AttributeStatement

use of org.opensaml.saml.saml1.core.AttributeStatement in project verify-hub by alphagov.

the class MatchingDatasetAssertionValidatorTest method validate_shouldNotThrowAnExceptionWhenFirstnameIsPresent_ProfileV1_1.

@Test
public void validate_shouldNotThrowAnExceptionWhenFirstnameIsPresent_ProfileV1_1() {
    AttributeStatement attributeStatement = anEmptyMatchingDatasetAttributeStatement_1_1().withFirstname(aPersonName_1_1().buildAsFirstname()).build();
    Assertion matchingDatasetAssertion = anAssertion().addAttributeStatement(attributeStatement).buildUnencrypted();
    validator.validate(matchingDatasetAssertion, RESPONSE_ISSUER_ID);
}
Also used : AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) AssertionBuilder.anAssertion(uk.gov.ida.saml.core.test.builders.AssertionBuilder.anAssertion) Assertion(org.opensaml.saml.saml2.core.Assertion) Test(org.junit.jupiter.api.Test)

Example 57 with AttributeStatement

use of org.opensaml.saml.saml1.core.AttributeStatement in project verify-hub by alphagov.

the class HubAssertionMarshallerTest method transform_shouldTransformLevelOfCycle3DataAssertion.

@Test
public void transform_shouldTransformLevelOfCycle3DataAssertion() {
    String attributeName = "someName";
    String value = "some value";
    HubAssertion assertion = aHubAssertion().withCycle3Data(aCycle3Dataset().addCycle3Data(attributeName, value).build()).build();
    Attribute expectedAttribute = aSimpleStringAttribute().build();
    when(attributeFactory.createCycle3DataAttribute(attributeName, value)).thenReturn(expectedAttribute);
    Assertion transformedAssertion = marshaller.toSaml(assertion);
    List<AttributeStatement> attributeStatements = transformedAssertion.getAttributeStatements();
    assertThat(attributeStatements.size()).isGreaterThan(0);
    Attribute attribute = attributeStatements.get(0).getAttributes().get(0);
    assertThat(attribute).isEqualTo(expectedAttribute);
}
Also used : SimpleStringAttributeBuilder.aSimpleStringAttribute(uk.gov.ida.saml.core.test.builders.SimpleStringAttributeBuilder.aSimpleStringAttribute) Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) HubAssertionBuilder.aHubAssertion(uk.gov.ida.saml.core.test.builders.HubAssertionBuilder.aHubAssertion) HubAssertion(uk.gov.ida.saml.core.domain.HubAssertion) Assertion(org.opensaml.saml.saml2.core.Assertion) HubAssertionBuilder.aHubAssertion(uk.gov.ida.saml.core.test.builders.HubAssertionBuilder.aHubAssertion) HubAssertion(uk.gov.ida.saml.core.domain.HubAssertion) Test(org.junit.jupiter.api.Test)

Example 58 with AttributeStatement

use of org.opensaml.saml.saml1.core.AttributeStatement in project verify-hub by alphagov.

the class AuthnResponseFactory method aFraudResponseFromIdpBuilder.

public ResponseBuilder aFraudResponseFromIdpBuilder(String idpEntityId, String persistentId) {
    TestCredentialFactory idpSigningCredentialFactory = new TestCredentialFactory(publicSigningCerts.get(idpEntityId), privateSigningKeys.get(idpEntityId));
    String requestId = generateId();
    final Subject mdsAssertionSubject = SubjectBuilder.aSubject().withPersistentId(persistentId).withSubjectConfirmation(SubjectConfirmationBuilder.aSubjectConfirmation().withSubjectConfirmationData(SubjectConfirmationDataBuilder.aSubjectConfirmationData().withInResponseTo(requestId).build()).build()).build();
    final Subject authnAssertionSubject = SubjectBuilder.aSubject().withNameId(buildNameID(persistentId)).withSubjectConfirmation(SubjectConfirmationBuilder.aSubjectConfirmation().withSubjectConfirmationData(SubjectConfirmationDataBuilder.aSubjectConfirmationData().withInResponseTo(requestId).build()).build()).build();
    final AttributeStatement matchingDatasetAttributeStatement = MatchingDatasetAttributeStatementBuilder_1_1.aMatchingDatasetAttributeStatement_1_1().build();
    final Credential encryptingCredential = hubEncryptionCredentialFactory.getEncryptingCredential();
    final Credential signingCredential = idpSigningCredentialFactory.getSigningCredential();
    final AssertionBuilder mdsAssertion = AssertionBuilder.anAssertion().withId(generateId()).withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build()).withSubject(mdsAssertionSubject).addAttributeStatement(matchingDatasetAttributeStatement);
    final AssertionBuilder authnAssertion = AssertionBuilder.anAssertion().withId(generateId()).addAttributeStatement(anAttributeStatement().addAttribute(IdpFraudEventIdAttributeBuilder.anIdpFraudEventIdAttribute().withValue("a-fraud-event").build()).addAttribute(Gpg45StatusAttributeBuilder.aGpg45StatusAttribute().withValue("IT01").build()).addAttribute(anIPAddress().build()).build()).withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build()).withSubject(authnAssertionSubject).addAuthnStatement(AuthnStatementBuilder.anAuthnStatement().withAuthnContext(AuthnContextBuilder.anAuthnContext().withAuthnContextClassRef(AuthnContextClassRefBuilder.anAuthnContextClassRef().withAuthnContextClasRefValue(IdaAuthnContext.LEVEL_X_AUTHN_CTX).build()).build()).build());
    ResponseBuilder responseBuilder = ResponseBuilder.aResponse().withId(generateId()).withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build()).withInResponseTo(requestId).addEncryptedAssertion(mdsAssertion.withSignature(SignatureBuilder.aSignature().withSigningCredential(signingCredential).build()).buildWithEncrypterCredential(encryptingCredential)).addEncryptedAssertion(authnAssertion.withSignature(SignatureBuilder.aSignature().withSigningCredential(signingCredential).build()).buildWithEncrypterCredential(encryptingCredential));
    return responseBuilder;
}
Also used : TestCredentialFactory(uk.gov.ida.saml.core.test.TestCredentialFactory) BasicCredential(org.opensaml.security.credential.BasicCredential) Credential(org.opensaml.security.credential.Credential) AttributeStatementBuilder.anAttributeStatement(uk.gov.ida.saml.core.test.builders.AttributeStatementBuilder.anAttributeStatement) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) AssertionBuilder(uk.gov.ida.saml.core.test.builders.AssertionBuilder) ResponseBuilder(uk.gov.ida.saml.core.test.builders.ResponseBuilder) Subject(org.opensaml.saml.saml2.core.Subject)

Example 59 with AttributeStatement

use of org.opensaml.saml.saml1.core.AttributeStatement in project verify-hub by alphagov.

the class MatchingServiceAssertionToAssertionTransformer method addAttributes.

private void addAttributes(final Assertion transformedAssertion, final List<Attribute> userAttributesForAccountCreation) {
    AttributeStatementBuilder attributeStatementBuilder = (AttributeStatementBuilder) builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
    AttributeStatement attributeStatement = attributeStatementBuilder.buildObject();
    attributeStatement.getAttributes().addAll(userAttributesForAccountCreation);
    transformedAssertion.getAttributeStatements().add(attributeStatement);
}
Also used : AttributeStatementBuilder(org.opensaml.saml.saml2.core.impl.AttributeStatementBuilder) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)

Example 60 with AttributeStatement

use of org.opensaml.saml.saml1.core.AttributeStatement in project verify-hub by alphagov.

the class MatchingDatasetAssertionValidator method validateAttributes.

private void validateAttributes(Assertion assertion) {
    final List<AttributeStatement> attributeStatements = assertion.getAttributeStatements();
    if (attributeStatements.isEmpty())
        throw new SamlValidationException(mdsStatementMissing());
    if (attributeStatements.size() > 1)
        throw new SamlValidationException(mdsMultipleStatements());
    final List<Attribute> attributes = attributeStatements.get(0).getAttributes();
    if (attributes.isEmpty())
        throw new SamlValidationException(attributeStatementEmpty(assertion.getID()));
    attributes.forEach(this::validateAttribute);
}
Also used : SamlValidationException(uk.gov.ida.saml.hub.exception.SamlValidationException) SamlTransformationErrorFactory.emptyAttribute(uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyAttribute) Attribute(org.opensaml.saml.saml2.core.Attribute) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement)

Aggregations

AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)61 Attribute (org.opensaml.saml.saml2.core.Attribute)38 Assertion (org.opensaml.saml.saml2.core.Assertion)36 Test (org.junit.jupiter.api.Test)24 AssertionBuilder.anAssertion (uk.gov.ida.saml.core.test.builders.AssertionBuilder.anAssertion)17 XMLObject (org.opensaml.core.xml.XMLObject)15 EncryptedAttribute (org.opensaml.saml.saml2.core.EncryptedAttribute)10 SimpleStringAttributeBuilder.aSimpleStringAttribute (uk.gov.ida.saml.core.test.builders.SimpleStringAttributeBuilder.aSimpleStringAttribute)9 ArrayList (java.util.ArrayList)8 SamlTransformationErrorFactory.emptyAttribute (uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyAttribute)8 XSString (org.opensaml.core.xml.schema.XSString)7 NameID (org.opensaml.saml.saml2.core.NameID)7 Response (org.opensaml.saml.saml2.core.Response)7 Subject (org.opensaml.saml.saml2.core.Subject)7 EncryptedAssertion (org.opensaml.saml.saml2.core.EncryptedAssertion)6 AttributeBuilder (org.opensaml.saml.saml2.core.impl.AttributeBuilder)6 AttributeStatement (org.opensaml.saml2.core.AttributeStatement)6 HashMap (java.util.HashMap)5 List (java.util.List)5 Map (java.util.Map)5