use of org.opensaml.saml.saml2.core.AttributeStatement in project verify-hub by alphagov.
the class IdpAuthnResponseTranslatorServiceTest method setup.
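/**
 * Builds the shared fixture used by every test in this class.
 *
 * <p>Creates two unencrypted assertions issued by the stub IdP (one with an IP-address attribute
 * and an authn statement, one with the matching dataset), stubs the mocked transformers and
 * response objects, and constructs the {@code IdpAuthnResponseTranslatorService} under test.
 */
@BeforeEach
public void setup() {
    final String idpEntityId = TestEntityIds.STUB_IDP_ONE;
    final String assertionId1 = randomUUID().toString();
    final String assertionId2 = randomUUID().toString();

    // NOTE(review): the fixture pairs an RSA-SHA1 signature algorithm with a SHA-256 digest.
    // SHA-1 based signatures are deprecated; presumably this is deliberate so the tests cover a
    // legacy-algorithm response. Confirm, and keep it from being read as a recommended default.
    final SignatureAlgorithm signatureAlgorithm = new SignatureRSASHA1();
    final DigestAlgorithm digestAlgorithm = new DigestSHA256();

    final AttributeStatement matchingDatasetAttributeStatement =
            MatchingDatasetAttributeStatementBuilder_1_1.aMatchingDatasetAttributeStatement_1_1().build();
    final AttributeStatement ipAddress = anAttributeStatement()
            .addAttribute(IPAddressAttributeBuilder.anIPAddress().build())
            .build();

    // Response-level signature: the XMLSignature is attached explicitly so that the algorithm
    // pair chosen above is what the mocked response reports via getSignature().
    final Optional<Signature> signature = of(SignatureBuilder.aSignature().build());
    final SignatureImpl signatureImpl = ((SignatureImpl) signature.get());
    signatureImpl.setXMLSignature(BuilderHelper.createXMLSignature(signatureAlgorithm, digestAlgorithm));

    // Each assertion gets its own id, and the digest reference is bound to that same id.
    authnStatementAssertion = AssertionBuilder.anAssertion()
            .withId(assertionId1)
            .withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build())
            .addAttributeStatement(ipAddress)
            .addAuthnStatement(AuthnStatementBuilder.anAuthnStatement().build())
            .withSignature(SignatureBuilder.aSignature()
                    .withSignatureAlgorithm(signatureAlgorithm)
                    .withDigestAlgorithm(assertionId1, digestAlgorithm)
                    .build())
            .buildUnencrypted();
    matchingDatasetAssertion = AssertionBuilder.anAssertion()
            .withId(assertionId2)
            .withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build())
            .addAttributeStatement(matchingDatasetAttributeStatement)
            .withSignature(SignatureBuilder.aSignature()
                    .withSignatureAlgorithm(signatureAlgorithm)
                    .withDigestAlgorithm(assertionId2, digestAlgorithm)
                    .build())
            .buildUnencrypted();

    // Inbound SAML string -> OpenSAML response -> hub domain response.
    when(responseContainer.getSamlResponse()).thenReturn(saml);
    when(assertionBlobEncrypter.encryptAssertionBlob(any(), eq(authStatementUnderlyingAssertionBlob))).thenReturn(encryptedAuthnAssertion);
    when(stringToOpenSamlResponseTransformer.apply(saml)).thenReturn(samlResponse);
    when(samlResponseToIdaResponseIssuedByIdpTransformer.apply(samlResponse)).thenReturn(responseFromIdp);

    // Domain-level authn statement assertion: no authn context and no fraud details by default.
    when(authStatementAssertion.getUnderlyingAssertionBlob()).thenReturn(authStatementUnderlyingAssertionBlob);
    when(authStatementAssertion.getAuthnContext()).thenReturn(Optional.empty());
    when(authStatementAssertion.getFraudDetectedDetails()).thenReturn(Optional.empty());
    when(authStatementAssertion.getPrincipalIpAddressAsSeenByIdp()).thenReturn(Optional.of(principalIpAddressSeenByIdp));
    // A single stub for the name id; stubbing the same call twice leaves only the last value live.
    when(authnStatementPersistentId.getNameId()).thenReturn(persistentIdName);
    when(authStatementAssertion.getPersistentId()).thenReturn(authnStatementPersistentId);

    // The response carries no assertions by default.
    // NOTE(review): individual tests presumably re-stub these two getters when they need assertions.
    when(responseFromIdp.getIssuer()).thenReturn(responseIssuer);
    when(responseFromIdp.getStatus()).thenReturn(status);
    when(responseFromIdp.getMatchingDatasetAssertion()).thenReturn(empty());
    when(responseFromIdp.getAuthnStatementAssertion()).thenReturn(empty());
    when(responseFromIdp.getSignature()).thenReturn(signature);
    when(samlResponse.getIssuer()).thenReturn(issuer);

    // Assertion blobs resolve back to the OpenSAML assertions built above.
    when(stringToAssertionTransformer.apply(authStatementUnderlyingAssertionBlob)).thenReturn(authnStatementAssertion);
    when(stringToAssertionTransformer.apply(matchingDatasetUnderlyingAssertionBlob)).thenReturn(matchingDatasetAssertion);

    InboundResponseFromIdpDataGenerator inboundResponseFromIdpDataGenerator = new InboundResponseFromIdpDataGenerator(assertionBlobEncrypter);
    service = new IdpAuthnResponseTranslatorService(stringToOpenSamlResponseTransformer, stringToAssertionTransformer, samlResponseToIdaResponseIssuedByIdpTransformer, inboundResponseFromIdpDataGenerator, idpAssertionMetricsCollector, transactionsConfigProxy);
}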
use of org.opensaml.saml.saml2.core.AttributeStatement in project verify-hub by alphagov.
the class MatchingDatasetAssertionValidatorTest method validate_shouldNotThrowAnExceptionWhenCurrentAddressIsPresent_ProfileV1_1.
/**
 * A profile 1.1 matching dataset that includes a current address must be accepted.
 * The test passes when {@code validate} returns without throwing.
 */
@Test
public void validate_shouldNotThrowAnExceptionWhenCurrentAddressIsPresent_ProfileV1_1() {
    final AttributeStatement statementWithCurrentAddress =
            anEmptyMatchingDatasetAttributeStatement_1_1()
                    .withCurrentAddress()
                    .build();
    final Assertion assertionUnderTest = anAssertion()
            .addAttributeStatement(statementWithCurrentAddress)
            .buildUnencrypted();

    validator.validate(assertionUnderTest, RESPONSE_ISSUER_ID);
}
use of org.opensaml.saml.saml2.core.AttributeStatement in project verify-hub by alphagov.
the class MatchingDatasetAssertionValidatorTest method validate_shouldThrowExceptionWhenMultipleAttributeStatementsArePresent.
/**
 * A matching dataset assertion with more than one attribute statement must be rejected with
 * the {@code mdsMultipleStatements()} failure.
 */
@Test
public void validate_shouldThrowExceptionWhenMultipleAttributeStatementsArePresent() {
    final AttributeStatement emptyStatement = anEmptyMatchingDatasetAttributeStatement_1_1().build();
    // NOTE(review): the same statement instance is added twice; verify that the builder really
    // produces two statements and does not de-duplicate, otherwise this rejection path is untested.
    final Assertion assertionWithTwoStatements = anAssertion()
            .addAttributeStatement(emptyStatement)
            .addAttributeStatement(emptyStatement)
            .buildUnencrypted();

    validateFail(
            () -> validator.validate(assertionWithTwoStatements, RESPONSE_ISSUER_ID),
            mdsMultipleStatements());
}
use of org.opensaml.saml.saml2.core.AttributeStatement in project verify-hub by alphagov.
the class MatchingDatasetAssertionValidatorTest method validate_shouldNotThrowAnExceptionWhenPreviousAddressIsPresent_ProfileV1_1.
/**
 * A profile 1.1 matching dataset that includes a previous address must be accepted.
 * The test passes when {@code validate} returns without throwing.
 */
@Test
public void validate_shouldNotThrowAnExceptionWhenPreviousAddressIsPresent_ProfileV1_1() {
    final AttributeStatement statementWithPreviousAddress =
            anEmptyMatchingDatasetAttributeStatement_1_1()
                    .addPreviousAddress()
                    .build();
    final Assertion assertionUnderTest = anAssertion()
            .addAttributeStatement(statementWithPreviousAddress)
            .buildUnencrypted();

    validator.validate(assertionUnderTest, RESPONSE_ISSUER_ID);
}
use of org.opensaml.saml.saml2.core.AttributeStatement in project verify-hub by alphagov.
the class MatchingDatasetAssertionValidatorTest method validate_shouldNotThrowExceptionWhenAttributeValueFromDateIsAbsent.
/**
 * A first-name value whose "from" date is null must still be accepted by the validator.
 * The test passes when {@code validate} returns without throwing.
 */
@Test
public void validate_shouldNotThrowExceptionWhenAttributeValueFromDateIsAbsent() {
    // The "from" date is explicitly set to null on the person-name value.
    final Attribute firstnameWithoutFromDate = aPersonName_1_1()
            .addValue(aPersonNameValue().withFrom(null).build())
            .buildAsFirstname();
    final AttributeStatement statement = aMatchingDatasetAttributeStatement_1_1()
            .withFirstname(firstnameWithoutFromDate)
            .build();
    final Assertion assertionUnderTest = anAssertion()
            .addAttributeStatement(statement)
            .buildUnencrypted();

    validator.validate(assertionUnderTest, RESPONSE_ISSUER_ID);
}