use of org.opensaml.saml.saml1.core.Status in project verify-hub by alphagov.
the class MatchingServiceResponseTranslatorResourceTest method shouldNotReturnADtoResponse_WhenFieldsAreMissing_Match.
@Test
public void shouldNotReturnADtoResponse_WhenFieldsAreMissing_Match() throws Exception {
final String requestId = "requestId";
final String msaStatusCode = SamlStatusCode.MATCH;
final Status status = aStatus().withStatusCode(aStatusCode().withSubStatusCode(aStatusCode().withValue(msaStatusCode).build()).withValue(SUCCESS).build()).build();
final SamlResponseDto samlResponseDto = new SamlResponseDto(Base64.encodeAsString(aValidMatchResponseFromMatchingServiceWithMissingData(requestId, status, TEST_RP_MS)));
Response clientResponse = postToSamlEngine(samlResponseDto);
assertThat(clientResponse.getStatus()).isEqualTo(Response.Status.BAD_REQUEST.getStatusCode());
ErrorStatusDto errorStatusDto = clientResponse.readEntity(ErrorStatusDto.class);
assertThat(errorStatusDto.getExceptionType()).isEqualTo(ExceptionType.INVALID_SAML);
}
use of org.opensaml.saml.saml1.core.Status in project verify-hub by alphagov.
the class ProtectiveMonitoringLogFormatter method formatAuthnResponse.
public String formatAuthnResponse(Response samlResponse, Direction direction, Boolean validSignature) {
Issuer issuer = samlResponse.getIssuer();
String issuerString = issuer != null ? issuer.getValue() : "";
Status status = samlResponse.getStatus();
StatusCode subStatusCode = status.getStatusCode().getStatusCode();
String subStatus = subStatusCode != null ? subStatusCode.getValue() : "";
return String.format(AUTHN_RESPONSE, samlResponse.getID(), samlResponse.getInResponseTo(), direction, samlResponse.getDestination(), issuerString, validSignature, status.getStatusCode().getValue(), subStatus, getStatusDetailValues(status));
}
use of org.opensaml.saml.saml1.core.Status in project cxf by apache.
the class SAML2PResponseComponentBuilder method createStatus.
@SuppressWarnings("unchecked")
public static Status createStatus(String statusCodeValue, String statusMessage) {
if (statusBuilder == null) {
statusBuilder = (SAMLObjectBuilder<Status>) builderFactory.getBuilder(Status.DEFAULT_ELEMENT_NAME);
}
if (statusCodeBuilder == null) {
statusCodeBuilder = (SAMLObjectBuilder<StatusCode>) builderFactory.getBuilder(StatusCode.DEFAULT_ELEMENT_NAME);
}
if (statusMessageBuilder == null) {
statusMessageBuilder = (SAMLObjectBuilder<StatusMessage>) builderFactory.getBuilder(StatusMessage.DEFAULT_ELEMENT_NAME);
}
Status status = statusBuilder.buildObject();
StatusCode statusCode = statusCodeBuilder.buildObject();
statusCode.setValue(statusCodeValue);
status.setStatusCode(statusCode);
if (statusMessage != null) {
StatusMessage statusMessageObject = statusMessageBuilder.buildObject();
statusMessageObject.setMessage(statusMessage);
status.setStatusMessage(statusMessageObject);
}
return status;
}
use of org.opensaml.saml.saml1.core.Status in project cxf by apache.
the class SAMLResponseValidatorTest method createResponse.
private Response createResponse(SubjectConfirmationDataBean subjectConfirmationData, SAML2CallbackHandler callbackHandler) throws Exception {
Document doc = DOMUtils.createDocument();
Status status = SAML2PResponseComponentBuilder.createStatus(SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null);
Response response = SAML2PResponseComponentBuilder.createSAMLResponse("http://cxf.apache.org/saml", "http://cxf.apache.org/issuer", status);
// Create an AuthenticationAssertion
SAMLCallback samlCallback = new SAMLCallback();
SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
response.getAssertions().add(assertion.getSaml2());
Element policyElement = OpenSAMLUtil.toDom(response, doc);
doc.appendChild(policyElement);
assertNotNull(policyElement);
return (Response) OpenSAMLUtil.fromDom(policyElement);
}
use of org.opensaml.saml.saml1.core.Status in project cxf by apache.
the class SAMLResponseValidatorTest method testFutureAuthnInstant.
@org.junit.Test
public void testFutureAuthnInstant() throws Exception {
Document doc = DOMUtils.createDocument();
Status status = SAML2PResponseComponentBuilder.createStatus(SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null);
Response response = SAML2PResponseComponentBuilder.createSAMLResponse("http://cxf.apache.org/saml", "http://cxf.apache.org/issuer", status);
// Create an AuthenticationAssertion
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
callbackHandler.setIssuer("http://cxf.apache.org/issuer");
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_SENDER_VOUCHES);
callbackHandler.setAuthnInstant(new DateTime().plusDays(1));
SAMLCallback samlCallback = new SAMLCallback();
SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
response.getAssertions().add(assertion.getSaml2());
Element policyElement = OpenSAMLUtil.toDom(response, doc);
doc.appendChild(policyElement);
assertNotNull(policyElement);
Response marshalledResponse = (Response) OpenSAMLUtil.fromDom(policyElement);
// Validate the Response
SAMLProtocolResponseValidator validator = new SAMLProtocolResponseValidator();
try {
validator.validateSamlResponse(marshalledResponse, null, null);
fail("Expected failure on an invalid Assertion AuthnInstant");
} catch (WSSecurityException ex) {
// expected
}
}
Aggregations