Example 71 with Issuer

Use of org.opensaml.saml.saml2.core.Issuer in the project ddf by codice.

From the class SamlAssertionValidatorImpl, method createSamlResponse.

/**
 * Creates the SAML response that we use for validation against the CXF code.
 *
 * @param inResponseTo ID of the request this response answers (becomes the InResponseTo attribute)
 * @param issuer entity ID placed in the response's Issuer element
 * @param status SAML Status carried by the response
 * @return Response
 */
private static Response createSamlResponse(String inResponseTo, String issuer, Status status) {
    // Lazily fetch the OpenSAML builder for Response objects from the shared builder factory.
    if (responseBuilder == null) {
        responseBuilder = (SAMLObjectBuilder<Response>) builderFactory.getBuilder(Response.DEFAULT_ELEMENT_NAME);
    }
    Response response = responseBuilder.buildObject();
    // Every SAML response carries a unique ID and an issue instant.
    response.setID(UUID.randomUUID().toString());
    response.setIssueInstant(new DateTime());
    response.setInResponseTo(inResponseTo);
    response.setIssuer(createIssuer(issuer));
    response.setStatus(status);
    response.setVersion(SAMLVersion.VERSION_20);
    return response;
}
Also used: Response (org.opensaml.saml.saml2.core.Response), DateTime (org.joda.time.DateTime)

Example 72 with Issuer

Use of org.opensaml.saml.saml2.core.Issuer in the project verify-hub by alphagov.

From the class HubAttributeQueryRequestToSamlAttributeQueryTransformerTest, method transform_shouldSetTheSPNameQualifierAndNameQualifierToValuesThatShouldntBeThereButCurrentlyHaveNoWhereBetterToBe.

@Test
public void transform_shouldSetTheSPNameQualifierAndNameQualifierToValuesThatShouldntBeThereButCurrentlyHaveNoWhereBetterToBe() {
    final String authnStatementAssertion = aPassthroughAssertion()
            .withUnderlyingAssertion(ENCRYPTED_AUTHN_ASSERTION)
            .buildAuthnStatementAssertionAsString();
    final HubAssertion cycle3DataAssertion = aHubAssertion().build();
    HubAttributeQueryRequest originalQuery = aHubAttributeQueryRequest()
            .withEncryptedAuthnAssertion(authnStatementAssertion)
            .withCycle3DataAssertion(cycle3DataAssertion)
            .withAssertionConsumerServiceUrl(URI.create("/foo"))
            .withAuthnRequestIssuerEntityId("authn-request-issuer")
            .build();
    AttributeQuery transformedQuery = transformer.apply(originalQuery);
    // The transformer copies the authn request issuer and the ACS URL into the NameID qualifiers.
    NameID nameID = transformedQuery.getSubject().getNameID();
    assertThat(nameID.getSPNameQualifier()).isEqualTo("authn-request-issuer");
    assertThat(nameID.getNameQualifier()).isEqualTo("/foo");
}
Also used: AttributeQuery (org.opensaml.saml.saml2.core.AttributeQuery), NameID (org.opensaml.saml.saml2.core.NameID), HubAttributeQueryRequestBuilder.aHubAttributeQueryRequest (uk.gov.ida.saml.hub.test.builders.HubAttributeQueryRequestBuilder.aHubAttributeQueryRequest), HubAttributeQueryRequest (uk.gov.ida.saml.hub.domain.HubAttributeQueryRequest), HubAssertionBuilder.aHubAssertion (uk.gov.ida.saml.core.test.builders.HubAssertionBuilder.aHubAssertion), HubAssertion (uk.gov.ida.saml.core.domain.HubAssertion), Test (org.junit.jupiter.api.Test)

Example 73 with Issuer

Use of org.opensaml.saml.saml2.core.Issuer in the project verify-hub by alphagov.

From the class DuplicateAssertionValidatorTest, method validateMatchingDataSetAssertion_shouldPassIfTwoAssertionsHaveTheSameIdButTheFirstAssertionHasExpired.

@Test
public void validateMatchingDataSetAssertion_shouldPassIfTwoAssertionsHaveTheSameIdButTheFirstAssertionHasExpired() throws Exception {
    DateTime futureDate = DateTime.now().plusMinutes(6);
    Assertion assertion = createAssertion("expired-duplicate", futureDate);
    duplicateAssertionValidator.validateMatchingDataSetAssertion(assertion, "issuer");
    // The validator records the assertion ID against its expiry time (normalised to UTC),
    // which is what lets it reject a replayed ID only while the earlier assertion is still valid.
    assertThat(duplicateIds.get("expired-duplicate")).isEqualTo(futureDate.toDateTime(UTC));
}
Also used: AssertionBuilder.anAssertion (uk.gov.ida.saml.core.test.builders.AssertionBuilder.anAssertion), Assertion (org.opensaml.saml.saml2.core.Assertion), DateTime (org.joda.time.DateTime), Test (org.junit.jupiter.api.Test)

Example 74 with Issuer

Use of org.opensaml.saml.saml2.core.Issuer in the project verify-hub by alphagov.

From the class MatchingServiceHealthCheckRequestToSamlAttributeQueryTransformer, method apply.

public AttributeQuery apply(MatchingServiceHealthCheckRequest originalQuery) {
    AttributeQuery transformedQuery = samlObjectFactory.createAttributeQuery();
    // The Issuer element identifies the hub (the querying party) to the matching service.
    Issuer issuer = samlObjectFactory.createIssuer(originalQuery.getIssuer());
    transformedQuery.setID(originalQuery.getId());
    transformedQuery.setIssuer(issuer);
    transformedQuery.setIssueInstant(DateTime.now());
    // Subject: the persistent ID, qualified by the authn request issuer and the ACS URL.
    Subject subject = samlObjectFactory.createSubject();
    NameID nameId = samlObjectFactory.createNameId(originalQuery.getPersistentId().getNameId());
    nameId.setSPNameQualifier(originalQuery.getAuthnRequestIssuerEntityId());
    nameId.setNameQualifier(originalQuery.getAssertionConsumerServiceUrl().toASCIIString());
    subject.setNameID(nameId);
    // An empty SubjectConfirmation is attached; no confirmation method or data is set here.
    SubjectConfirmation subjectConfirmation = samlObjectFactory.createSubjectConfirmation();
    SubjectConfirmationData subjectConfirmationData = samlObjectFactory.createSubjectConfirmationData();
    subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);
    subject.getSubjectConfirmations().add(subjectConfirmation);
    transformedQuery.setSubject(subject);
    return transformedQuery;
}
Also used: SubjectConfirmation (org.opensaml.saml.saml2.core.SubjectConfirmation), AttributeQuery (org.opensaml.saml.saml2.core.AttributeQuery), Issuer (org.opensaml.saml.saml2.core.Issuer), NameID (org.opensaml.saml.saml2.core.NameID), SubjectConfirmationData (org.opensaml.saml.saml2.core.SubjectConfirmationData), Subject (org.opensaml.saml.saml2.core.Subject)

Example 75 with Issuer

Use of org.opensaml.saml.saml2.core.Issuer in the project verify-hub by alphagov.

From the class IssuerValidator, method validate.

public static void validate(Response response) {
    // A Response without an Issuer cannot be attributed to any party, so it is rejected outright.
    Issuer issuer = response.getIssuer();
    if (issuer == null)
        throw new SamlValidationException(missingIssuer());
    // An Issuer element that is present but empty is just as useless for attribution.
    String issuerId = issuer.getValue();
    if (Strings.isNullOrEmpty(issuerId))
        throw new SamlValidationException(emptyIssuer());
    // SAML 2.0 defaults an omitted Issuer Format to the entity format; any explicit value
    // other than urn:oasis:names:tc:SAML:2.0:nameid-format:entity is rejected.
    String issuerFormat = issuer.getFormat();
    if (issuerFormat != null && !NameIDType.ENTITY.equals(issuerFormat))
        throw new SamlValidationException(illegalIssuerFormat(issuerFormat, NameIDType.ENTITY));
}
Also used: SamlValidationException (uk.gov.ida.saml.hub.exception.SamlValidationException), SamlTransformationErrorFactory.missingIssuer (uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.missingIssuer), SamlTransformationErrorFactory.emptyIssuer (uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyIssuer), Issuer (org.opensaml.saml.saml2.core.Issuer)
