use of org.opensaml.saml.saml1.core.Status in project cxf by apache.
the class SAMLResponseValidatorTest method testResponseModifiedSignedAssertion.
@org.junit.Test
public void testResponseModifiedSignedAssertion() throws Exception {
Document doc = DOMUtils.createDocument();
Status status = SAML2PResponseComponentBuilder.createStatus(SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null);
Response response = SAML2PResponseComponentBuilder.createSAMLResponse("http://cxf.apache.org/saml", "http://cxf.apache.org/issuer", status);
// Create an AuthenticationAssertion
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
callbackHandler.setIssuer("http://cxf.apache.org/issuer");
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_SENDER_VOUCHES);
SAMLCallback samlCallback = new SAMLCallback();
SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
Crypto issuerCrypto = new Merlin();
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
ClassLoader loader = Loader.getClassLoader(SAMLResponseValidatorTest.class);
InputStream input = Merlin.loadInputStream(loader, "alice.jks");
keyStore.load(input, "password".toCharArray());
((Merlin) issuerCrypto).setKeyStore(keyStore);
assertion.signAssertion("alice", "password", issuerCrypto, false);
response.getAssertions().add(assertion.getSaml2());
Element policyElement = OpenSAMLUtil.toDom(response, doc);
doc.appendChild(policyElement);
assertNotNull(policyElement);
List<Element> assertions = DOMUtils.findAllElementsByTagNameNS(policyElement, SAMLConstants.SAML20_NS, "Assertion");
assertNotNull(assertions);
assertTrue(assertions.size() == 1);
assertions.get(0).setAttributeNS(null, "newattr", "http://apache.org");
Response marshalledResponse = (Response) OpenSAMLUtil.fromDom(policyElement);
// Validate the Response
SAMLProtocolResponseValidator validator = new SAMLProtocolResponseValidator();
try {
// Validate the Response
validator.validateSamlResponse(marshalledResponse, issuerCrypto, new KeystorePasswordCallback());
fail("Expected failure on a bad signature");
} catch (WSSecurityException ex) {
// expected
}
}
use of org.opensaml.saml.saml1.core.Status in project cxf by apache.
the class SAMLSSOResponseValidatorTest method createResponse.
private Response createResponse(SubjectConfirmationDataBean subjectConfirmationData, List<AudienceRestrictionBean> audienceRestrictions, String authnClassRef) throws Exception {
Document doc = DOMUtils.createDocument();
Status status = SAML2PResponseComponentBuilder.createStatus(SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null);
Response response = SAML2PResponseComponentBuilder.createSAMLResponse("http://cxf.apache.org/saml", "http://cxf.apache.org/issuer", status);
// Create an AuthenticationAssertion
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
callbackHandler.setIssuer("http://cxf.apache.org/issuer");
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
callbackHandler.setSubjectConfirmationData(subjectConfirmationData);
ConditionsBean conditions = new ConditionsBean();
conditions.setNotBefore(new DateTime());
conditions.setNotAfter(new DateTime().plusMinutes(5));
if (audienceRestrictions == null) {
AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
audienceRestriction.setAudienceURIs(Collections.singletonList("http://service.apache.org"));
conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
} else {
conditions.setAudienceRestrictions(audienceRestrictions);
}
callbackHandler.setConditions(conditions);
SAMLCallback samlCallback = new SAMLCallback();
SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
response.getAssertions().add(assertion.getSaml2());
if (authnClassRef != null) {
AuthnStatement authnStatement = response.getAssertions().get(0).getAuthnStatements().get(0);
authnStatement.getAuthnContext().setAuthnContextClassRef(SAML2PResponseComponentBuilder.createAuthnContextClassRef(authnClassRef));
}
Element policyElement = OpenSAMLUtil.toDom(response, doc);
doc.appendChild(policyElement);
assertNotNull(policyElement);
return (Response) OpenSAMLUtil.fromDom(policyElement);
}
use of org.opensaml.saml.saml1.core.Status in project cloudstack by apache.
the class SAML2LoginAPIAuthenticatorCmdTest method buildMockResponse.
private Response buildMockResponse() throws Exception {
Response samlMessage = new ResponseBuilder().buildObject();
samlMessage.setID("foo");
samlMessage.setVersion(SAMLVersion.VERSION_20);
samlMessage.setIssueInstant(new DateTime(0));
Issuer issuer = new IssuerBuilder().buildObject();
issuer.setValue("MockedIssuer");
samlMessage.setIssuer(issuer);
Status status = new StatusBuilder().buildObject();
StatusCode statusCode = new StatusCodeBuilder().buildObject();
statusCode.setValue(StatusCode.SUCCESS_URI);
status.setStatusCode(statusCode);
samlMessage.setStatus(status);
Assertion assertion = new AssertionBuilder().buildObject();
Subject subject = new SubjectBuilder().buildObject();
NameID nameID = new NameIDBuilder().buildObject();
nameID.setValue("SOME-UNIQUE-ID");
nameID.setFormat(NameIDType.PERSISTENT);
subject.setNameID(nameID);
assertion.setSubject(subject);
AuthnStatement authnStatement = new AuthnStatementBuilder().buildObject();
authnStatement.setSessionIndex("Some Session String");
assertion.getAuthnStatements().add(authnStatement);
AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
assertion.getAttributeStatements().add(attributeStatement);
samlMessage.getAssertions().add(assertion);
return samlMessage;
}
use of org.opensaml.saml.saml1.core.Status in project ddf by codice.
the class SamlProtocol method createStatus.
public static Status createStatus(String statusValue) {
Status status = statusBuilder.buildObject();
StatusCode statusCode = statusCodeBuilder.buildObject();
statusCode.setValue(statusValue);
status.setStatusCode(statusCode);
return status;
}
use of org.opensaml.saml.saml1.core.Status in project cas by apereo.
the class AbstractSaml20ObjectBuilder method newStatus.
/**
* Create a new SAML status object.
*
* @param codeValue the code value
* @param statusMessage the status message
* @return the status
*/
public Status newStatus(final String codeValue, final String statusMessage) {
final Status status = newSamlObject(Status.class);
final StatusCode code = newSamlObject(StatusCode.class);
code.setValue(codeValue);
status.setStatusCode(code);
if (StringUtils.isNotBlank(statusMessage)) {
final StatusMessage message = newSamlObject(StatusMessage.class);
message.setMessage(statusMessage);
status.setStatusMessage(message);
}
return status;
}
Aggregations