Example 6 with AttributeStatement

Use of org.opensaml.saml.saml2.core.AttributeStatement in project webcert by sklintyg.

Class CommonFakeAuthenticationProvider, method createSamlCredential.

private SAMLCredential createSamlCredential(Authentication token) {
    // Credentials come from the fake login token.
    FakeCredentials fakeCredentials = (FakeCredentials) token.getCredentials();
    // Build the assertion in memory; nothing in this method signs it.
    Assertion assertion = new AssertionBuilder().buildObject();
    attachAuthenticationContext(assertion, FAKE_AUTHENTICATION_SITHS_CONTEXT_REF);
    // Single attribute statement carrying the HSA id taken from the fake credentials.
    AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
    assertion.getAttributeStatements().add(attributeStatement);
    addAttribute(attributeStatement, BaseSakerhetstjanstAssertion.HSA_ID_ATTRIBUTE, fakeCredentials.getHsaId());
    // The NameID value is the string form of the fake credentials object.
    NameID nameId = new NameIDBuilder().buildObject();
    nameId.setValue(token.getCredentials().toString());
    return new SAMLCredential(nameId, assertion, "fake-idp", "webcert");
}
Also used: NameIDBuilder (org.opensaml.saml2.core.impl.NameIDBuilder), AttributeStatementBuilder (org.opensaml.saml2.core.impl.AttributeStatementBuilder), FakeCredentials (se.inera.intyg.webcert.web.auth.fake.FakeCredentials), SAMLCredential (org.springframework.security.saml.SAMLCredential), NameID (org.opensaml.saml2.core.NameID), AttributeStatement (org.opensaml.saml2.core.AttributeStatement), Assertion (org.opensaml.saml2.core.Assertion), BaseSakerhetstjanstAssertion (se.inera.intyg.infra.security.siths.BaseSakerhetstjanstAssertion), AssertionBuilder (org.opensaml.saml2.core.impl.AssertionBuilder)

Example 7 with AttributeStatement

Use of org.opensaml.saml.saml2.core.AttributeStatement in project spring-security by spring-projects.

Class OpenSaml4AuthenticationProviderTests, method authenticateWhenAssertionContainsCustomAttributesThenItSucceeds.

@Test
public void authenticateWhenAssertionContainsCustomAttributesThenItSucceeds() {
    Response response = response();
    Assertion assertion = assertion();
    // Attribute "Address" whose value is a custom OpenSAML object rather than a plain string.
    AttributeStatement attribute = TestOpenSamlObjects.customAttributeStatement("Address", TestCustomOpenSamlObjects.instance());
    assertion.getAttributeStatements().add(attribute);
    // In this test the assertion itself is signed, after the attribute statement has been added.
    TestOpenSamlObjects.signed(assertion, TestSaml2X509Credentials.assertingPartySigningCredential(), RELYING_PARTY_ENTITY_ID);
    response.getAssertions().add(assertion);
    // The registration is passed through the test's verifying(...) helper.
    Saml2AuthenticationToken token = token(response, verifying(registration()));
    Authentication authentication = this.provider.authenticate(token);
    Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) authentication.getPrincipal();
    // The custom value is exposed on the principal under the attribute name.
    CustomOpenSamlObject address = (CustomOpenSamlObject) principal.getAttribute("Address").get(0);
    assertThat(address.getStreet()).isEqualTo("Test Street");
    assertThat(address.getStreetNumber()).isEqualTo("1");
    assertThat(address.getZIP()).isEqualTo("11111");
    assertThat(address.getCity()).isEqualTo("Test City");
}
Also used: Response (org.opensaml.saml.saml2.core.Response), AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement), Authentication (org.springframework.security.core.Authentication), EncryptedAssertion (org.opensaml.saml.saml2.core.EncryptedAssertion), Assertion (org.opensaml.saml.saml2.core.Assertion), CustomOpenSamlObject (org.springframework.security.saml2.provider.service.authentication.TestCustomOpenSamlObjects.CustomOpenSamlObject), Test (org.junit.jupiter.api.Test)

Example 8 with AttributeStatement

Use of org.opensaml.saml.saml2.core.AttributeStatement in project spring-security by spring-projects.

Class OpenSamlAuthenticationProviderTests, method authenticateWhenEncryptedAttributeThenDecrypts.

@Test
public void authenticateWhenEncryptedAttributeThenDecrypts() {
    Response response = response();
    Assertion assertion = assertion();
    // Attribute "name" = "value", encrypted with the asserting party's encrypting test credential.
    EncryptedAttribute attribute = TestOpenSamlObjects.encrypted("name", "value", TestSaml2X509Credentials.assertingPartyEncryptingCredential());
    AttributeStatement statement = build(AttributeStatement.DEFAULT_ELEMENT_NAME);
    statement.getEncryptedAttributes().add(attribute);
    assertion.getAttributeStatements().add(statement);
    response.getAssertions().add(assertion);
    // In this test the response, not the assertion, is signed.
    TestOpenSamlObjects.signed(response, TestSaml2X509Credentials.assertingPartySigningCredential(), RELYING_PARTY_ENTITY_ID);
    // The registration is passed through both the decrypting(...) and verifying(...) test helpers.
    Saml2AuthenticationToken token = token(response, decrypting(verifying(registration())));
    Saml2Authentication authentication = (Saml2Authentication) this.provider.authenticate(token);
    Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) authentication.getPrincipal();
    // The decrypted value is exposed on the principal under the attribute name.
    assertThat(principal.getAttribute("name")).containsExactly("value");
}
Also used: Response (org.opensaml.saml.saml2.core.Response), EncryptedAttribute (org.opensaml.saml.saml2.core.EncryptedAttribute), AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement), EncryptedAssertion (org.opensaml.saml.saml2.core.EncryptedAssertion), Assertion (org.opensaml.saml.saml2.core.Assertion), Test (org.junit.jupiter.api.Test)

Example 9 with AttributeStatement

Use of org.opensaml.saml.saml2.core.AttributeStatement in project spring-security by spring-projects.

Class TestOpenSamlObjects, method attributeStatements.

static List<AttributeStatement> attributeStatements() {
    List<AttributeStatement> attributeStatements = new ArrayList<>();
    AttributeStatementBuilder attributeStatementBuilder = new AttributeStatementBuilder();
    AttributeBuilder attributeBuilder = new AttributeBuilder();
    AttributeStatement attrStmt1 = attributeStatementBuilder.buildObject();
    Attribute emailAttr = attributeBuilder.buildObject();
    emailAttr.setName("email");
    // gh-8864
    XSAny email1 = new XSAnyBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME);
    email1.setTextContent("john.doe@example.com");
    emailAttr.getAttributeValues().add(email1);
    XSAny email2 = new XSAnyBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME);
    email2.setTextContent("doe.john@example.com");
    emailAttr.getAttributeValues().add(email2);
    attrStmt1.getAttributes().add(emailAttr);
    Attribute nameAttr = attributeBuilder.buildObject();
    nameAttr.setName("name");
    XSString name = new XSStringBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
    name.setValue("John Doe");
    nameAttr.getAttributeValues().add(name);
    attrStmt1.getAttributes().add(nameAttr);
    Attribute ageAttr = attributeBuilder.buildObject();
    ageAttr.setName("age");
    XSInteger age = new XSIntegerBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSInteger.TYPE_NAME);
    age.setValue(21);
    ageAttr.getAttributeValues().add(age);
    attrStmt1.getAttributes().add(ageAttr);
    attributeStatements.add(attrStmt1);
    AttributeStatement attrStmt2 = attributeStatementBuilder.buildObject();
    Attribute websiteAttr = attributeBuilder.buildObject();
    websiteAttr.setName("website");
    XSURI uri = new XSURIBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSURI.TYPE_NAME);
    uri.setValue("https://johndoe.com/");
    websiteAttr.getAttributeValues().add(uri);
    attrStmt2.getAttributes().add(websiteAttr);
    Attribute registeredAttr = attributeBuilder.buildObject();
    registeredAttr.setName("registered");
    XSBoolean registered = new XSBooleanBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSBoolean.TYPE_NAME);
    registered.setValue(new XSBooleanValue(true, false));
    registeredAttr.getAttributeValues().add(registered);
    attrStmt2.getAttributes().add(registeredAttr);
    attributeStatements.add(attrStmt2);
    return attributeStatements;
}
Also used: AttributeStatementBuilder (org.opensaml.saml.saml2.core.impl.AttributeStatementBuilder), AttributeBuilder (org.opensaml.saml.saml2.core.impl.AttributeBuilder), XSIntegerBuilder (org.opensaml.core.xml.schema.impl.XSIntegerBuilder), XSBooleanBuilder (org.opensaml.core.xml.schema.impl.XSBooleanBuilder), XSAnyBuilder (org.opensaml.core.xml.schema.impl.XSAnyBuilder), Attribute (org.opensaml.saml.saml2.core.Attribute), EncryptedAttribute (org.opensaml.saml.saml2.core.EncryptedAttribute), ArrayList (java.util.ArrayList), XSString (org.opensaml.core.xml.schema.XSString), XSStringBuilder (org.opensaml.core.xml.schema.impl.XSStringBuilder), XSURI (org.opensaml.core.xml.schema.XSURI), XSAny (org.opensaml.core.xml.schema.XSAny), XSBooleanValue (org.opensaml.core.xml.schema.XSBooleanValue), AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement), XSInteger (org.opensaml.core.xml.schema.XSInteger), XSBoolean (org.opensaml.core.xml.schema.XSBoolean), XSURIBuilder (org.opensaml.core.xml.schema.impl.XSURIBuilder)

Example 10 with AttributeStatement

Use of org.opensaml.saml.saml2.core.AttributeStatement in project spring-security by spring-projects.

Class OpenSamlAuthenticationProviderTests, method attributeStatements.

private List<AttributeStatement> attributeStatements() {
    List<AttributeStatement> attributeStatements = TestOpenSamlObjects.attributeStatements();
    AttributeBuilder attributeBuilder = new AttributeBuilder();
    Attribute registeredDateAttr = attributeBuilder.buildObject();
    registeredDateAttr.setName("registeredDate");
    XSDateTime registeredDate = new XSDateTimeBuilder().buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSDateTime.TYPE_NAME);
    registeredDate.setValue(DateTime.parse("1970-01-01T00:00:00Z"));
    registeredDateAttr.getAttributeValues().add(registeredDate);
    attributeStatements.get(0).getAttributes().add(registeredDateAttr);
    return attributeStatements;
}
Also used: AttributeBuilder (org.opensaml.saml.saml2.core.impl.AttributeBuilder), XSDateTime (org.opensaml.core.xml.schema.XSDateTime), XSDateTimeBuilder (org.opensaml.core.xml.schema.impl.XSDateTimeBuilder), Attribute (org.opensaml.saml.saml2.core.Attribute), EncryptedAttribute (org.opensaml.saml.saml2.core.EncryptedAttribute), AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement)

Aggregations

AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement): 61
Attribute (org.opensaml.saml.saml2.core.Attribute): 40
Assertion (org.opensaml.saml.saml2.core.Assertion): 36
Test (org.junit.jupiter.api.Test): 24
XMLObject (org.opensaml.core.xml.XMLObject): 17
AssertionBuilder.anAssertion (uk.gov.ida.saml.core.test.builders.AssertionBuilder.anAssertion): 17
EncryptedAttribute (org.opensaml.saml.saml2.core.EncryptedAttribute): 10
SimpleStringAttributeBuilder.aSimpleStringAttribute (uk.gov.ida.saml.core.test.builders.SimpleStringAttributeBuilder.aSimpleStringAttribute): 9
ArrayList (java.util.ArrayList): 8
SamlTransformationErrorFactory.emptyAttribute (uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyAttribute): 8
HashMap (java.util.HashMap): 7
XSString (org.opensaml.core.xml.schema.XSString): 7
NameID (org.opensaml.saml.saml2.core.NameID): 7
Response (org.opensaml.saml.saml2.core.Response): 7
Subject (org.opensaml.saml.saml2.core.Subject): 7
Map (java.util.Map): 6
SamlAssertionWrapper (org.apache.wss4j.common.saml.SamlAssertionWrapper): 6
EncryptedAssertion (org.opensaml.saml.saml2.core.EncryptedAssertion): 6
AttributeStatement (org.opensaml.saml2.core.AttributeStatement): 6
List (java.util.List): 5