Example 81 with AuthnRequest

Use of org.opensaml.saml.saml2.core.AuthnRequest in project verify-hub by alphagov.

Class ProtectiveMonitoringLogFormatterTest, method shouldFormatAuthnRequest.

@Test
public void shouldFormatAuthnRequest() {
    AuthnRequest authnRequest = anAuthnRequest().withId("test-id").withDestination("veganistan").build();
    String logString = new ProtectiveMonitoringLogFormatter().formatAuthnRequest(authnRequest, Direction.INBOUND, SignatureStatus.VALID_SIGNATURE);
    String expectedLogMessage = "Protective Monitoring – Authn Request Event – {" + "requestId: test-id, " + "direction: INBOUND, " + "destination: veganistan, " + "issuerId: a-test-entity, " + "validSignature: true}";
    assertThat(logString).isEqualTo(expectedLogMessage);
}
Also used: AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest), AuthnRequestBuilder.anAuthnRequest (uk.gov.ida.saml.core.test.builders.AuthnRequestBuilder.anAuthnRequest), Test (org.junit.jupiter.api.Test)

Example 82 with AuthnRequest

Use of org.opensaml.saml.saml2.core.AuthnRequest in project verify-hub by alphagov.

Class ProtectiveMonitoringLogFormatter, method formatAuthnRequest.

public String formatAuthnRequest(AuthnRequest authnRequest, Direction direction, SignatureStatus signatureStatus) {
    Issuer issuer = authnRequest.getIssuer();
    String issuerId = issuer != null ? issuer.getValue() : "";
    return String.format(AUTHN_REQUEST, authnRequest.getID(), direction, authnRequest.getDestination(), issuerId, signatureStatus.valid());
}
Also used: Issuer (org.opensaml.saml.saml2.core.Issuer)

Example 83 with AuthnRequest

Use of org.opensaml.saml.saml2.core.AuthnRequest in project cxf by apache.

Class AuthnRequestBuilderTest, method testAuthnRequestID.

@org.junit.Test
public void testAuthnRequestID() throws Exception {
    AuthnRequestBuilder authnRequestBuilder = new DefaultAuthnRequestBuilder();
    AuthnRequest authnRequest = authnRequestBuilder.createAuthnRequest(new MessageImpl(), "http://localhost:9001/app", "http://localhost:9001/sso");
    assertTrue("ID must start with a letter or underscore, and can only contain letters, digits, " + "underscores, hyphens, and periods.", authnRequest.getID().matches("^[_a-zA-Z][-_0-9a-zA-Z\\.]+$"));
}
Also used: AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest), MessageImpl (org.apache.cxf.message.MessageImpl)

Example 84 with AuthnRequest

Use of org.opensaml.saml.saml2.core.AuthnRequest in project cas by apereo.

Class SamlProfileSamlAssertionBuilder, method build.

@Override
public Assertion build(final AuthnRequest authnRequest, final HttpServletRequest request, final HttpServletResponse response, final org.jasig.cas.client.validation.Assertion casAssertion, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws SamlException {
    final List<Statement> statements = new ArrayList<>();
    statements.add(this.samlProfileSamlAuthNStatementBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
    statements.add(this.samlProfileSamlAttributeStatementBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
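    // Assertion ID: '_' prefix plus the absolute value of a single SecureRandom long (under 64 bits of randomness).
    final String id = '_' + String.valueOf(Math.abs(new SecureRandom().nextLong()));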
    final Assertion assertion = newAssertion(statements, casProperties.getAuthn().getSamlIdp().getEntityId(), ZonedDateTime.now(ZoneOffset.UTC), id);
    assertion.setSubject(this.samlProfileSamlSubjectBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
    assertion.setConditions(this.samlProfileSamlConditionsBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
    signAssertion(assertion, request, response, service, adaptor);
    return assertion;
}
Also used: AuthnStatement (org.opensaml.saml.saml2.core.AuthnStatement), AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement), Statement (org.opensaml.saml.saml2.core.Statement), ArrayList (java.util.ArrayList), Assertion (org.opensaml.saml.saml2.core.Assertion), SecureRandom (java.security.SecureRandom)

Example 85 with AuthnRequest

Use of org.opensaml.saml.saml2.core.AuthnRequest in project cas by apereo.

Class SamlProfileSamlAuthNStatementBuilder, method buildAuthnStatement.

/**
 * Creates an authentication statement for the current request.
 *
 * @param assertion    the assertion
 * @param authnRequest the authn request
 * @param adaptor      the adaptor
 * @param service      the service
 * @return constructed authentication statement
 * @throws SamlException the saml exception
 */
private AuthnStatement buildAuthnStatement(final Assertion assertion, final AuthnRequest authnRequest, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final SamlRegisteredService service) throws SamlException {
    final String authenticationMethod = this.authnContextClassRefBuilder.build(assertion, authnRequest, adaptor, service);
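    // Statement ID: '_' prefix plus the absolute value of a single SecureRandom long (under 64 bits of randomness).
    final String id = '_' + String.valueOf(Math.abs(new SecureRandom().nextLong()));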
    final AuthnStatement statement = newAuthnStatement(authenticationMethod, DateTimeUtils.zonedDateTimeOf(assertion.getAuthenticationDate()), id);
    if (assertion.getValidUntilDate() != null) {
        final ZonedDateTime dt = DateTimeUtils.zonedDateTimeOf(assertion.getValidUntilDate());
        statement.setSessionNotOnOrAfter(DateTimeUtils.dateTimeOf(dt.plusSeconds(casProperties.getAuthn().getSamlIdp().getResponse().getSkewAllowance())));
    }
    statement.setSubjectLocality(buildSubjectLocality(assertion, authnRequest, adaptor));
    return statement;
}
Also used: ZonedDateTime (java.time.ZonedDateTime), AuthnStatement (org.opensaml.saml.saml2.core.AuthnStatement), SecureRandom (java.security.SecureRandom)
