
Example 11 with EncryptedID

Use of org.opensaml.saml.saml2.core.EncryptedID in project spring-security by spring-projects.

From the class TestOpenSamlObjects, method assertingPartyLogoutRequestNameIdInEncryptedId:

public static LogoutRequest assertingPartyLogoutRequestNameIdInEncryptedId(RelyingPartyRegistration registration) {
    // Build a <LogoutRequest> whose subject is carried as an <EncryptedID>
    // instead of a plaintext <NameID>
    LogoutRequestBuilder logoutRequestBuilder = new LogoutRequestBuilder();
    LogoutRequest logoutRequest = logoutRequestBuilder.buildObject();
    logoutRequest.setID("id");
    NameIDBuilder nameIdBuilder = new NameIDBuilder();
    NameID nameId = nameIdBuilder.buildObject();
    nameId.setValue("user");
    // Deliberately leave the plaintext NameID unset; only the encrypted form is sent
    logoutRequest.setNameID(null);
    // Encrypt the NameID with the first encryption credential from the registration
    // (encrypted() is a helper in the same test class)
    Saml2X509Credential credential = registration.getAssertingPartyDetails().getEncryptionX509Credentials().iterator().next();
    EncryptedID encrypted = encrypted(nameId, credential);
    logoutRequest.setEncryptedID(encrypted);
    // Issuer and Destination come from the asserting party details of the registration
    IssuerBuilder issuerBuilder = new IssuerBuilder();
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(registration.getAssertingPartyDetails().getEntityId());
    logoutRequest.setIssuer(issuer);
    logoutRequest.setDestination(registration.getSingleLogoutServiceLocation());
    return logoutRequest;
}
Also used:
NameIDBuilder (org.opensaml.saml.saml2.core.impl.NameIDBuilder)
LogoutRequestBuilder (org.opensaml.saml.saml2.core.impl.LogoutRequestBuilder)
NameID (org.opensaml.saml.saml2.core.NameID)
Issuer (org.opensaml.saml.saml2.core.Issuer)
Saml2X509Credential (org.springframework.security.saml2.core.Saml2X509Credential)
LogoutRequest (org.opensaml.saml.saml2.core.LogoutRequest)
IssuerBuilder (org.opensaml.saml.saml2.core.impl.IssuerBuilder)
EncryptedID (org.opensaml.saml.saml2.core.EncryptedID)

Example 12 with EncryptedID

Use of org.opensaml.saml.saml2.core.EncryptedID in project spring-security by spring-projects.

From the class OpenSaml4AuthenticationProviderTests, method authenticateWhenEncryptedNameIdWithSignatureThenItSucceeds:

@Test
public void authenticateWhenEncryptedNameIdWithSignatureThenItSucceeds() {
    Response response = response();
    Assertion assertion = assertion();
    // Replace the assertion's plaintext NameID with an EncryptedID
    NameID nameId = assertion.getSubject().getNameID();
    EncryptedID encryptedID = TestOpenSamlObjects.encrypted(nameId, TestSaml2X509Credentials.assertingPartyEncryptingCredential());
    assertion.getSubject().setNameID(null);
    assertion.getSubject().setEncryptedID(encryptedID);
    response.getAssertions().add(assertion);
    // Sign after encrypting, so the assertion signature covers the encrypted subject
    TestOpenSamlObjects.signed(assertion, TestSaml2X509Credentials.assertingPartySigningCredential(), RELYING_PARTY_ENTITY_ID);
    // The registration carries both the signature-verification and the decryption credentials
    Saml2AuthenticationToken token = token(response, decrypting(verifying(registration())));
    // Succeeds (no exception): the provider verifies the signature and decrypts the NameID
    this.provider.authenticate(token);
}
Also used:
Response (org.opensaml.saml.saml2.core.Response)
NameID (org.opensaml.saml.saml2.core.NameID)
EncryptedAssertion (org.opensaml.saml.saml2.core.EncryptedAssertion)
Assertion (org.opensaml.saml.saml2.core.Assertion)
EncryptedID (org.opensaml.saml.saml2.core.EncryptedID)
Test (org.junit.jupiter.api.Test)

Aggregations (class, usage count):

NameID (org.opensaml.saml.saml2.core.NameID): 11
EncryptedID (org.opensaml.saml.saml2.core.EncryptedID): 8
Assertion (org.opensaml.saml.saml2.core.Assertion): 5
EncryptedAssertion (org.opensaml.saml.saml2.core.EncryptedAssertion): 5
Test (org.junit.jupiter.api.Test): 4
Response (org.opensaml.saml.saml2.core.Response): 4
NameIDBuilder (org.opensaml.saml.saml2.core.impl.NameIDBuilder): 3
lombok.val (lombok.val): 2
SubjectConfirmation (org.opensaml.saml.saml2.core.SubjectConfirmation): 2
EncryptedIDBuilder (org.opensaml.saml.saml2.core.impl.EncryptedIDBuilder): 2
EncryptedDataBuilder (org.opensaml.xmlsec.encryption.impl.EncryptedDataBuilder): 2
Authentication (org.springframework.security.core.Authentication): 2
X509Certificate (java.security.cert.X509Certificate): 1
ArrayList (java.util.ArrayList): 1
ResolverException (net.shibboleth.utilities.java.support.resolver.ResolverException): 1
SamlException (org.apereo.cas.support.saml.SamlException): 1
DecryptionException (org.apereo.cas.util.crypto.DecryptionException): 1
BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider): 1
BaseID (org.opensaml.saml.saml2.core.BaseID): 1
Issuer (org.opensaml.saml.saml2.core.Issuer): 1