use of org.opensaml.saml.saml2.core.Issuer in project ddf by codice.
the class SamlAssertionValidatorImpl method createSamlResponse.
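/**
 * Creates the SAML response that we use for validation against the CXF code.
 *
 * <p>The response is given a freshly generated ID, the current time as its issue instant and
 * SAML version 2.0. Nothing in this method signs the response.
 *
 * @param inResponseTo value copied into the response's InResponseTo attribute
 * @param issuer value handed to {@code createIssuer} to build the response's Issuer element
 * @param status status element attached to the response
 * @return the populated Response
 */
private static Response createSamlResponse(String inResponseTo, String issuer, Status status) {
    if (responseBuilder == null) {
        // Resolved on first use and cached in the static field.
        // NOTE(review): the check-then-assign is unsynchronized; concurrent first calls would
        // each look the builder up. That looks harmless, but confirm the builder is shareable.
        responseBuilder =
                (SAMLObjectBuilder<Response>) builderFactory.getBuilder(Response.DEFAULT_ELEMENT_NAME);
    }
    Response response = responseBuilder.buildObject();
    // The ID attribute is an xs:ID (an NCName), which must not begin with a digit. A bare UUID
    // frequently does, so prefix it to keep the response schema-valid for strict consumers.
    response.setID("_" + UUID.randomUUID().toString());
    response.setIssueInstant(new DateTime());
    response.setInResponseTo(inResponseTo);
    response.setIssuer(createIssuer(issuer));
    response.setStatus(status);
    response.setVersion(SAMLVersion.VERSION_20);
    return response;
}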
use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.
the class HubAttributeQueryRequestToSamlAttributeQueryTransformerTest method transform_shouldSetTheSPNameQualifierAndNameQualifierToValuesThatShouldntBeThereButCurrentlyHaveNoWhereBetterToBe.
/**
 * Pins the current mapping of request fields onto the subject NameID of the attribute query:
 * SPNameQualifier carries the authn request issuer entity id and NameQualifier carries the
 * assertion consumer service URL. As the test name records, these qualifiers are being used as
 * a transport for values that do not really belong there.
 */
@Test
public void transform_shouldSetTheSPNameQualifierAndNameQualifierToValuesThatShouldntBeThereButCurrentlyHaveNoWhereBetterToBe() {
    final String encryptedAuthnAssertion = aPassthroughAssertion()
            .withUnderlyingAssertion(ENCRYPTED_AUTHN_ASSERTION)
            .buildAuthnStatementAssertionAsString();
    final HubAssertion cycle3Assertion = aHubAssertion().build();

    final HubAttributeQueryRequest request = aHubAttributeQueryRequest()
            .withEncryptedAuthnAssertion(encryptedAuthnAssertion)
            .withCycle3DataAssertion(cycle3Assertion)
            .withAssertionConsumerServiceUrl(URI.create("/foo"))
            .withAuthnRequestIssuerEntityId("authn-request-issuer")
            .build();

    final AttributeQuery attributeQuery = transformer.apply(request);

    // Both qualifiers are read back from the subject's NameID of the transformed query.
    final NameID subjectNameId = attributeQuery.getSubject().getNameID();
    assertThat(subjectNameId.getSPNameQualifier()).isEqualTo("authn-request-issuer");
    assertThat(subjectNameId.getNameQualifier()).isEqualTo("/foo");
}
use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.
the class DuplicateAssertionValidatorTest method validateMatchingDataSetAssertion_shouldPassIfTwoAssertionsHaveTheSameIdButTheFirstAssertionHasExpired.
/**
 * Validates an assertion whose id is "expired-duplicate" and checks that the validator accepts
 * it and records the new date (in UTC) against that id in {@code duplicateIds}.
 *
 * <p>NOTE(review): the earlier, already-expired entry for the same id is not created in this
 * method; presumably the test fixture seeds {@code duplicateIds} with it. Confirm against the
 * setup code.
 */
@Test
public void validateMatchingDataSetAssertion_shouldPassIfTwoAssertionsHaveTheSameIdButTheFirstAssertionHasExpired() throws Exception {
    final String assertionId = "expired-duplicate";
    // Second argument to createAssertion; presumably the assertion's expiry. Confirm in the helper.
    final DateTime sixMinutesAhead = DateTime.now().plusMinutes(6);
    final Assertion replayedAssertion = createAssertion(assertionId, sixMinutesAhead);

    duplicateAssertionValidator.validateMatchingDataSetAssertion(replayedAssertion, "issuer");

    // The stored value is compared after conversion to UTC.
    assertThat(duplicateIds.get(assertionId)).isEqualTo(sixMinutesAhead.toDateTime(UTC));
}
use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.
the class MatchingServiceHealthCheckRequestToSamlAttributeQueryTransformer method apply.
/**
 * Builds the SAML AttributeQuery sent for a matching service health check.
 *
 * <p>The query takes its ID and issuer from the request and the current time as its issue
 * instant. Its subject carries a NameID built from the request's persistent id, with
 * SPNameQualifier set to the authn request issuer entity id and NameQualifier set to the
 * assertion consumer service URL in ASCII form.
 *
 * @param originalQuery the health check request to convert
 * @return the populated AttributeQuery
 */
public AttributeQuery apply(MatchingServiceHealthCheckRequest originalQuery) {
    final AttributeQuery query = samlObjectFactory.createAttributeQuery();
    query.setIssuer(samlObjectFactory.createIssuer(originalQuery.getIssuer()));
    query.setID(originalQuery.getId());
    query.setIssueInstant(DateTime.now());

    final Subject querySubject = samlObjectFactory.createSubject();

    // The two qualifiers are used to carry request routing values rather than naming domains.
    final NameID persistentNameId =
            samlObjectFactory.createNameId(originalQuery.getPersistentId().getNameId());
    persistentNameId.setSPNameQualifier(originalQuery.getAuthnRequestIssuerEntityId());
    persistentNameId.setNameQualifier(originalQuery.getAssertionConsumerServiceUrl().toASCIIString());
    querySubject.setNameID(persistentNameId);

    // NOTE(review): neither a confirmation Method nor any SubjectConfirmationData attribute is
    // set in this method; whether the factory fills them in is not visible here. Confirm.
    final SubjectConfirmation confirmation = samlObjectFactory.createSubjectConfirmation();
    confirmation.setSubjectConfirmationData(samlObjectFactory.createSubjectConfirmationData());
    querySubject.getSubjectConfirmations().add(confirmation);

    query.setSubject(querySubject);
    return query;
}
use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.
the class IssuerValidator method validate.
/**
 * Checks that a SAML response carries a well-formed Issuer element.
 *
 * <p>The issuer must be present, its value must be neither null nor empty, and its Format, when
 * given, must equal {@code NameIDType.ENTITY}. An absent Format is accepted.
 *
 * <p>This is a structural check only: the issuer value is not compared with any expected or
 * trusted entity id here. NOTE(review): that comparison, and signature verification, are
 * presumably done by other validators. Confirm before relying on this method alone.
 *
 * @param response the response whose issuer is checked
 * @throws SamlValidationException if the issuer is missing, empty or has a non-entity format
 */
public static void validate(Response response) {
    final Issuer responseIssuer = response.getIssuer();
    if (responseIssuer == null) {
        throw new SamlValidationException(missingIssuer());
    }

    // Only null and "" are rejected; a whitespace-only value passes this check.
    if (Strings.isNullOrEmpty(responseIssuer.getValue())) {
        throw new SamlValidationException(emptyIssuer());
    }

    final String declaredFormat = responseIssuer.getFormat();
    if (declaredFormat == null) {
        // Format is optional, so its absence is not an error.
        return;
    }
    if (!NameIDType.ENTITY.equals(declaredFormat)) {
        throw new SamlValidationException(illegalIssuerFormat(declaredFormat, NameIDType.ENTITY));
    }
}