use of org.opensaml.saml.saml1.core.Status in project cas by apereo.
the class Saml10SuccessResponseView method prepareResponse.
/**
 * Fills the outgoing SAML response with one assertion describing the primary
 * authentication carried in the model and marks the response as successful.
 *
 * <p>The assertion is assembled from: an authentication statement (authentication
 * date, authentication methods, principal id), the configured issuer, the response's
 * issue instant, and an identifier obtained from {@code generateSecureRandomId()}.
 * Conditions are built from the issue instant, the service id and {@code issueLength}.
 * An attribute statement is attached only when there is at least one attribute to send.
 *
 * <p>Review note: the principal and the full map of attributes to send are written
 * to the DEBUG log. If released attributes can hold personal or sensitive values,
 * keep DEBUG disabled for this logger in production or mask the values.
 *
 * <p>NOTE(review): nothing in this method signs the assertion or the response;
 * presumably that happens elsewhere. Confirm against the caller.
 *
 * @param response the SAML response to populate; its issue instant is read and its
 *                 status and assertion list are modified
 * @param model    the view model from which the assertion, primary authentication,
 *                 principal and attributes are looked up
 */
@Override
protected void prepareResponse(final Response response, final Map<String, Object> model) {
    final ZonedDateTime issueInstant = DateTimeUtils.zonedDateTimeOf(response.getIssueInstant());
    final Service targetService = getAssertionFrom(model).getService();
    LOGGER.debug("Preparing SAML response for service [{}]", targetService);

    // Authentication methods are read from the primary authentication's attributes.
    final Authentication primaryAuthn = getPrimaryAuthenticationFrom(model);
    final Collection<Object> methods = CollectionUtils.toCollection(
        primaryAuthn.getAttributes().get(SamlAuthenticationMetaDataPopulator.ATTRIBUTE_AUTHENTICATION_METHOD));
    LOGGER.debug("Authentication methods found are [{}]", methods);

    final Principal authenticatedPrincipal = getPrincipal(model);
    final AuthenticationStatement statement = samlObjectBuilder.newAuthenticationStatement(
        primaryAuthn.getAuthenticationDate(), methods, authenticatedPrincipal.getId());
    LOGGER.debug("Built authentication statement for [{}] dated at [{}]",
        authenticatedPrincipal, primaryAuthn.getAuthenticationDate());

    // The assertion identifier comes from the builder's secure-random generator.
    final Assertion samlAssertion = samlObjectBuilder.newAssertion(
        statement, issuer, issueInstant, samlObjectBuilder.generateSecureRandomId());
    LOGGER.debug("Built assertion for issuer [{}] dated at [{}]", issuer, issueInstant);

    // Conditions take the issue instant, the target service id and the configured issue length;
    // presumably this bounds the validity window and audience. Verify in the builder.
    final Conditions assertionConditions =
        samlObjectBuilder.newConditions(issueInstant, targetService.getId(), issueLength);
    samlAssertion.setConditions(assertionConditions);
    LOGGER.debug("Built assertion conditions for issuer [{}] and service [{}] ", issuer, targetService.getId());

    final Subject assertionSubject = samlObjectBuilder.newSubject(authenticatedPrincipal.getId());
    LOGGER.debug("Built subject for principal [{}]", authenticatedPrincipal);

    final Map<String, Object> releasedAttributes = prepareSamlAttributes(model, targetService);
    LOGGER.debug("Authentication statement shall include these attributes [{}]", releasedAttributes);
    if (!releasedAttributes.isEmpty()) {
        samlAssertion.getAttributeStatements().add(
            samlObjectBuilder.newAttributeStatement(assertionSubject, releasedAttributes, defaultAttributeNamespace));
    }

    response.setStatus(samlObjectBuilder.newStatus(StatusCode.SUCCESS, null));
    LOGGER.debug("Set response status code to [{}]", response.getStatus());
    response.getAssertions().add(samlAssertion);
}
use of org.opensaml.saml.saml1.core.Status in project verify-hub by alphagov.
the class MatchingServiceHealthcheckResponseTranslatorResourceTest method should_translateHealthcheckAttributeQueryResponse.
/**
 * Posts a matching-service response whose status is SUCCESS with a HEALTHY
 * sub-status and checks that it is translated into a healthcheck DTO reporting
 * {@code Healthy}, with the request id and issuer carried through.
 */
@Test
public void should_translateHealthcheckAttributeQueryResponse() throws Exception {
    final String expectedRequestId = "requestId";
    final String healthySubStatus = SamlStatusCode.HEALTHY;

    // Top-level SUCCESS status code wrapping the HEALTHY sub-status code.
    final Status healthyStatus = aStatus()
        .withStatusCode(aStatusCode()
            .withSubStatusCode(aStatusCode().withValue(healthySubStatus).build())
            .withValue(StatusCode.SUCCESS)
            .build())
        .build();

    final String samlXml =
        aValidMatchResponseFromMatchingService(expectedRequestId, healthyStatus, DateTime.now().plusHours(1));

    Response httpResponse = postResponseForTranslation(new SamlMessageDto(Base64.encodeAsString(samlXml)));
    MatchingServiceHealthCheckerResponseDto translated =
        httpResponse.readEntity(MatchingServiceHealthCheckerResponseDto.class);

    assertThat(httpResponse.getStatus()).isEqualTo(Response.Status.OK.getStatusCode());
    assertThat(translated.getStatus()).isEqualTo(MatchingServiceIdaStatus.Healthy);
    // InResponseTo and issuer must match what was sent, so the reply stays tied to its request.
    assertThat(translated.getInResponseTo()).isEqualTo(expectedRequestId);
    assertThat(translated.getIssuer()).isEqualTo(TEST_RP_MS);
}
use of org.opensaml.saml.saml1.core.Status in project verify-hub by alphagov.
the class MatchingServiceResponseTranslatorResourceTest method shouldReturnADtoWhenResponseIs_Created.
/**
 * Posts a matching-service response whose status is SUCCESS with a CREATED
 * sub-status and checks that the translated DTO reports {@code UserAccountCreated},
 * carries a level of assurance of LEVEL_2 and includes the underlying assertion blob.
 */
@Test
public void shouldReturnADtoWhenResponseIs_Created() throws Exception {
    final String createdSubStatus = SamlStatusCode.CREATED;
    final String expectedRequestId = "requestId";

    // Top-level SUCCESS status code wrapping the CREATED sub-status code.
    final Status createdStatus = aStatus()
        .withStatusCode(aStatusCode()
            .withSubStatusCode(aStatusCode().withValue(createdSubStatus).build())
            .withValue(SUCCESS)
            .build())
        .build();

    final SamlResponseDto requestBody = new SamlResponseDto(
        Base64.encodeAsString(aValidMatchResponseFromMatchingService(expectedRequestId, createdStatus)));

    Response httpResponse = postToSamlEngine(requestBody);
    assertThat(httpResponse.getStatus()).isEqualTo(Response.Status.OK.getStatusCode());

    InboundResponseFromMatchingServiceDto translated =
        httpResponse.readEntity(InboundResponseFromMatchingServiceDto.class);
    // Issuer and InResponseTo must be carried through unchanged from the SAML message.
    assertThat(translated.getIssuer()).isEqualTo(TEST_RP_MS);
    assertThat(translated.getInResponseTo()).isEqualTo(expectedRequestId);
    assertThat(translated.getStatus().name()).isEqualTo(MatchingServiceIdaStatus.UserAccountCreated.name());
    // A successful outcome is expected to expose both the assurance level and the assertion blob.
    assertThat(translated.getLevelOfAssurance().isPresent()).isTrue();
    assertThat(translated.getLevelOfAssurance().get()).isEqualTo(LevelOfAssurance.LEVEL_2);
    assertThat(translated.getUnderlyingMatchingServiceAssertionBlob().isPresent()).isTrue();
}
use of org.opensaml.saml.saml1.core.Status in project verify-hub by alphagov.
the class MatchingServiceResponseTranslatorResourceTest method shouldReturnADtoWhenResponseIs_RequesterError.
/**
 * Posts a matching-service response whose status is REQUESTER with a
 * NO_AUTHN_CONTEXT sub-status and checks that the translated DTO reports
 * {@code RequesterError} and carries neither a level of assurance nor an
 * assertion blob.
 */
@Test
public void shouldReturnADtoWhenResponseIs_RequesterError() throws Exception {
    final String errorSubStatus = StatusCode.NO_AUTHN_CONTEXT;
    final String expectedRequestId = "requestId";

    // Top-level REQUESTER status code wrapping the NO_AUTHN_CONTEXT sub-status code.
    final Status requesterErrorStatus = aStatus()
        .withStatusCode(aStatusCode()
            .withSubStatusCode(aStatusCode().withValue(errorSubStatus).build())
            .withValue(REQUESTER)
            .build())
        .build();

    final SamlResponseDto requestBody = new SamlResponseDto(Base64.encodeAsString(
        aValidNoMatchResponseFromMatchingService(expectedRequestId, requesterErrorStatus, TEST_RP_MS)));

    Response httpResponse = postToSamlEngine(requestBody);
    assertThat(httpResponse.getStatus()).isEqualTo(Response.Status.OK.getStatusCode());

    InboundResponseFromMatchingServiceDto translated =
        httpResponse.readEntity(InboundResponseFromMatchingServiceDto.class);
    assertThat(translated.getIssuer()).isEqualTo(TEST_RP_MS);
    assertThat(translated.getInResponseTo()).isEqualTo(expectedRequestId);
    assertThat(translated.getStatus().name()).isEqualTo(MatchingServiceIdaStatus.RequesterError.name());
    // An error outcome must not expose assurance data or an assertion to downstream consumers.
    assertThat(translated.getLevelOfAssurance().isPresent()).isFalse();
    assertThat(translated.getUnderlyingMatchingServiceAssertionBlob().isPresent()).isFalse();
}
use of org.opensaml.saml.saml1.core.Status in project verify-hub by alphagov.
the class MatchingServiceResponseTranslatorResourceTest method shouldReturnADtoWhenResponseIs_Match.
/**
 * Posts a matching-service response whose status is SUCCESS with a MATCH
 * sub-status and checks that the translated DTO reports
 * {@code MatchingServiceMatch}, carries a level of assurance of LEVEL_2 and
 * includes the underlying assertion blob.
 */
@Test
public void shouldReturnADtoWhenResponseIs_Match() throws Exception {
    final String matchSubStatus = SamlStatusCode.MATCH;
    final String expectedRequestId = "requestId";

    // Top-level SUCCESS status code wrapping the MATCH sub-status code.
    final Status matchStatus = aStatus()
        .withStatusCode(aStatusCode()
            .withSubStatusCode(aStatusCode().withValue(matchSubStatus).build())
            .withValue(SUCCESS)
            .build())
        .build();

    final SamlResponseDto requestBody = new SamlResponseDto(
        Base64.encodeAsString(aValidMatchResponseFromMatchingService(expectedRequestId, matchStatus)));

    Response httpResponse = postToSamlEngine(requestBody);
    assertThat(httpResponse.getStatus()).isEqualTo(Response.Status.OK.getStatusCode());

    InboundResponseFromMatchingServiceDto translated =
        httpResponse.readEntity(InboundResponseFromMatchingServiceDto.class);
    // Issuer and InResponseTo must be carried through unchanged from the SAML message.
    assertThat(translated.getIssuer()).isEqualTo(TEST_RP_MS);
    assertThat(translated.getInResponseTo()).isEqualTo(expectedRequestId);
    assertThat(translated.getStatus().name()).isEqualTo(MatchingServiceIdaStatus.MatchingServiceMatch.name());
    // A match is expected to expose both the assurance level and the assertion blob.
    assertThat(translated.getLevelOfAssurance().isPresent()).isTrue();
    assertThat(translated.getLevelOfAssurance().get()).isEqualTo(LevelOfAssurance.LEVEL_2);
    assertThat(translated.getUnderlyingMatchingServiceAssertionBlob().isPresent()).isTrue();
}