use of org.opensaml.saml.saml2.core.AttributeStatement in project verify-hub by alphagov.
the class MatchingDatasetAssertionValidatorTest method validate_shouldNotThrowAnExceptionWhenFirstnameIsPresent_ProfileV1_1.
/**
 * Checks that the validator accepts an unencrypted assertion whose single
 * attribute statement comes from the empty profile 1.1 matching dataset builder
 * with only a first name added.
 *
 * <p>There is no explicit assertion: the test passes when
 * {@code validator.validate} returns without throwing.
 */
@Test
public void validate_shouldNotThrowAnExceptionWhenFirstnameIsPresent_ProfileV1_1() {
    // Start from the empty 1.1 statement builder and add a first name only.
    AttributeStatement firstnameOnlyStatement = anEmptyMatchingDatasetAttributeStatement_1_1()
            .withFirstname(aPersonName_1_1().buildAsFirstname())
            .build();

    Assertion assertionUnderTest = anAssertion()
            .addAttributeStatement(firstnameOnlyStatement)
            .buildUnencrypted();

    // Any validation failure surfaces as an exception and fails the test.
    validator.validate(assertionUnderTest, RESPONSE_ISSUER_ID);
}
use of org.opensaml.saml.saml2.core.AttributeStatement in project verify-hub by alphagov.
the class HubAssertionMarshallerTest method transform_shouldTransformLevelOfCycle3DataAssertion.
/**
 * Checks that marshalling a hub assertion carrying cycle 3 data produces a SAML
 * assertion whose first attribute is the one returned by the stubbed
 * {@code attributeFactory}.
 */
@Test
public void transform_shouldTransformLevelOfCycle3DataAssertion() {
    String attributeName = "someName";
    String value = "some value";

    HubAssertion hubAssertion = aHubAssertion()
            .withCycle3Data(aCycle3Dataset().addCycle3Data(attributeName, value).build())
            .build();

    // Stub the factory so the marshaller's output can be compared to a known attribute.
    Attribute stubbedAttribute = aSimpleStringAttribute().build();
    when(attributeFactory.createCycle3DataAttribute(attributeName, value)).thenReturn(stubbedAttribute);

    Assertion samlAssertion = marshaller.toSaml(hubAssertion);

    List<AttributeStatement> statements = samlAssertion.getAttributeStatements();
    assertThat(statements.size()).isGreaterThan(0);

    // Only the first attribute of the first statement is inspected.
    AttributeStatement firstStatement = statements.get(0);
    Attribute firstAttribute = firstStatement.getAttributes().get(0);
    assertThat(firstAttribute).isEqualTo(stubbedAttribute);
}
use of org.opensaml.saml.saml2.core.AttributeStatement in project verify-hub by alphagov.
the class AuthnResponseFactory method aFraudResponseFromIdpBuilder.
/**
 * Prepares a {@link ResponseBuilder} for an IdP response that reports a fraud event.
 *
 * <p>The response carries two encrypted assertions issued by {@code idpEntityId}:
 * a matching dataset assertion (profile 1.1 attribute statement) and an authn
 * assertion holding the fraud event id, the GPG45 status, an IP address attribute
 * and a {@code LEVEL_X} authentication context. Each assertion is signed with the
 * credential from {@link TestCredentialFactory} for that IdP and encrypted with
 * the hub's encrypting credential. Both subjects and the response itself refer to
 * the same generated request id.
 *
 * @param idpEntityId  entity id used as issuer and as the key into the signing
 *                     certificate and private key maps
 * @param persistentId persistent identifier placed in both assertion subjects
 * @return the response builder; the caller still has to build the response
 */
public ResponseBuilder aFraudResponseFromIdpBuilder(String idpEntityId, String persistentId) {
    TestCredentialFactory idpCredentials = new TestCredentialFactory(
            publicSigningCerts.get(idpEntityId),
            privateSigningKeys.get(idpEntityId));

    // One request id ties the subject confirmations and the response's InResponseTo together.
    String requestId = generateId();

    // The subject confirmation is built once per subject rather than shared between them.
    final Subject mdsSubject = SubjectBuilder.aSubject()
            .withPersistentId(persistentId)
            .withSubjectConfirmation(
                    SubjectConfirmationBuilder.aSubjectConfirmation()
                            .withSubjectConfirmationData(
                                    SubjectConfirmationDataBuilder.aSubjectConfirmationData()
                                            .withInResponseTo(requestId)
                                            .build())
                            .build())
            .build();

    final Subject authnSubject = SubjectBuilder.aSubject()
            .withNameId(buildNameID(persistentId))
            .withSubjectConfirmation(
                    SubjectConfirmationBuilder.aSubjectConfirmation()
                            .withSubjectConfirmationData(
                                    SubjectConfirmationDataBuilder.aSubjectConfirmationData()
                                            .withInResponseTo(requestId)
                                            .build())
                            .build())
            .build();

    final AttributeStatement mdsStatement =
            MatchingDatasetAttributeStatementBuilder_1_1.aMatchingDatasetAttributeStatement_1_1().build();

    final Credential hubEncryptingCredential = hubEncryptionCredentialFactory.getEncryptingCredential();
    final Credential idpSigningCredential = idpCredentials.getSigningCredential();

    final AssertionBuilder mdsAssertion = AssertionBuilder.anAssertion()
            .withId(generateId())
            .withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build())
            .withSubject(mdsSubject)
            .addAttributeStatement(mdsStatement);

    // The fraud-specific attributes live on the authn assertion, not on the matching dataset.
    final AssertionBuilder authnAssertion = AssertionBuilder.anAssertion()
            .withId(generateId())
            .addAttributeStatement(
                    anAttributeStatement()
                            .addAttribute(IdpFraudEventIdAttributeBuilder.anIdpFraudEventIdAttribute().withValue("a-fraud-event").build())
                            .addAttribute(Gpg45StatusAttributeBuilder.aGpg45StatusAttribute().withValue("IT01").build())
                            .addAttribute(anIPAddress().build())
                            .build())
            .withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build())
            .withSubject(authnSubject)
            .addAuthnStatement(
                    AuthnStatementBuilder.anAuthnStatement()
                            .withAuthnContext(
                                    AuthnContextBuilder.anAuthnContext()
                                            .withAuthnContextClassRef(
                                                    AuthnContextClassRefBuilder.anAuthnContextClassRef()
                                                            .withAuthnContextClasRefValue(IdaAuthnContext.LEVEL_X_AUTHN_CTX)
                                                            .build())
                                            .build())
                            .build());

    // Each assertion gets its own signature object before being encrypted for the hub.
    return ResponseBuilder.aResponse()
            .withId(generateId())
            .withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build())
            .withInResponseTo(requestId)
            .addEncryptedAssertion(
                    mdsAssertion
                            .withSignature(SignatureBuilder.aSignature().withSigningCredential(idpSigningCredential).build())
                            .buildWithEncrypterCredential(hubEncryptingCredential))
            .addEncryptedAssertion(
                    authnAssertion
                            .withSignature(SignatureBuilder.aSignature().withSigningCredential(idpSigningCredential).build())
                            .buildWithEncrypterCredential(hubEncryptingCredential));
}
use of org.opensaml.saml.saml2.core.AttributeStatement in project verify-hub by alphagov.
the class MatchingServiceAssertionToAssertionTransformer method addAttributes.
/**
 * Wraps the given attributes in a newly built {@link AttributeStatement} and
 * appends that statement to the assertion.
 *
 * @param transformedAssertion             assertion that receives the new statement
 * @param userAttributesForAccountCreation attributes to place in the statement
 */
private void addAttributes(final Assertion transformedAssertion, final List<Attribute> userAttributesForAccountCreation) {
    // The builder registered for the AttributeStatement element name is cast to its concrete type.
    AttributeStatementBuilder statementBuilder =
            (AttributeStatementBuilder) builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);

    AttributeStatement accountCreationStatement = statementBuilder.buildObject();
    // NOTE(review): addAll would fail on a null list; confirm callers always pass one.
    accountCreationStatement.getAttributes().addAll(userAttributesForAccountCreation);

    transformedAssertion.getAttributeStatements().add(accountCreationStatement);
}
use of org.opensaml.saml.saml2.core.AttributeStatement in project verify-hub by alphagov.
the class MatchingDatasetAssertionValidator method validateAttributes.
/**
 * Validates the attribute statements of a matching dataset assertion.
 *
 * <p>The assertion must carry exactly one attribute statement, and that
 * statement must contain at least one attribute. Every attribute is then passed
 * to {@code validateAttribute}.
 *
 * @param assertion the assertion whose attribute statements are checked
 * @throws SamlValidationException if there is no statement, more than one
 *         statement, or the single statement has no attributes
 */
private void validateAttributes(Assertion assertion) {
    final List<AttributeStatement> statements = assertion.getAttributeStatements();

    if (statements.isEmpty()) {
        throw new SamlValidationException(mdsStatementMissing());
    }
    // More than one statement is rejected outright, so only index 0 is ever read below.
    if (statements.size() > 1) {
        throw new SamlValidationException(mdsMultipleStatements());
    }

    final List<Attribute> statementAttributes = statements.get(0).getAttributes();
    if (statementAttributes.isEmpty()) {
        throw new SamlValidationException(attributeStatementEmpty(assertion.getID()));
    }

    // Attributes are checked in list order; a failing attribute stops the loop with its exception.
    for (Attribute attribute : statementAttributes) {
        validateAttribute(attribute);
    }
}