use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.
the class VerifiedAttributesLoggerTest method shouldLogSurnameNameHistory.
/**
 * Checks that a verified surname with a start date and no end date produces exactly one
 * log entry, equal to {@code new VerifiedAttributeLogData(true, null)}.
 *
 * <p>NOTE(review): the assertion compares parsed log records only. It does not inspect the raw
 * string returned by {@code formatAttributes}, so it cannot show whether the surname value itself
 * is absent from the log line. If that is a requirement, assert it on the raw output as well.
 */
@Test
public void shouldLogSurnameNameHistory() throws Exception {
    // One verified surname value, valid from 2000-12-31, with no "to" date set.
    AttributeValue verifiedSurname = new PersonNameAttributeValueBuilder()
            .withFrom(DateTime.parse("2000-12-31"))
            .withVerified(true)
            .build();

    Attribute surname = new AttributeBuilder().buildObject();
    surname.setName(IdaConstants.Attributes_1_1.Surname.NAME);
    surname.getAttributeValues().add(verifiedSurname);

    List<Attribute> statementAttributes = aMatchingDatasetAttributeStatement_1_1()
            .withSurname(surname)
            .build()
            .getAttributes();

    // Round-trip: format the attributes for the log, then parse the result back into the log DTO.
    AttributeStatementLogData logged = mapper.readValue(
            formatAttributes("any-issuer", LEVEL_2, statementAttributes),
            AttributeStatementLogData.class);
    Map<String, List<VerifiedAttributeLogData>> loggedByName = logged.getAttributes();

    List<VerifiedAttributeLogData> expectedEntries = List.of(new VerifiedAttributeLogData(true, null));
    assertThat(loggedByName.get(IdaConstants.Attributes_1_1.Surname.NAME)).isEqualTo(expectedEntries);
}
use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.
the class VerifiedAttributesLoggerTest method shouldLogIssuerAndLevelOfAssurance.
/**
 * Checks that the issuer string and level of assurance passed to {@code formatAttributes}
 * come back unchanged from the parsed log record.
 *
 * <p>These two fields tie a log line to the asserting party and the assurance level it claimed,
 * so the test pins both values.
 */
@Test
public void shouldLogIssuerAndLevelOfAssurance() throws Exception {
    // The attribute content is irrelevant here; the default matching-dataset statement is enough.
    List<Attribute> defaultAttributes = aMatchingDatasetAttributeStatement_1_1()
            .build()
            .getAttributes();

    AttributeStatementLogData logged = mapper.readValue(
            formatAttributes("some-issuer", LEVEL_2, defaultAttributes),
            AttributeStatementLogData.class);

    assertThat(logged.getIssuer()).isEqualTo("some-issuer");
    assertThat(logged.getLevelOfAssurance()).isEqualTo(LEVEL_2);
}
use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.
the class VerifiedAttributesLoggerTest method shouldLogMiddleNamesNameHistory.
/**
 * Checks that a historical and a current middle-name value are logged as two entries, in
 * insertion order: the historical one as {@code (true, "more than 405 days")}, the current one as
 * {@code (true, null)}.
 *
 * <p>NOTE(review): both inputs are derived from {@code DateTime.now()} and sit one day apart
 * (406 and 405 days ago). The expected bucket text suggests a 405-day threshold applied to the
 * "to" date; confirm against the logger. Consider a fixed clock if this boundary ever becomes
 * flaky.
 */
@Test
public void shouldLogMiddleNamesNameHistory() throws Exception {
    // Historical value: ended 406 days ago.
    AttributeValue previousMiddleNames = new PersonNameAttributeValueBuilder()
            .withFrom(DateTime.parse("2000-12-31"))
            .withTo(DateTime.now().minusDays(406))
            .withVerified(true)
            .build();
    // Current value: started 405 days ago, with no "to" date set.
    AttributeValue presentMiddleNames = new PersonNameAttributeValueBuilder()
            .withFrom(DateTime.now().minusDays(405))
            .withVerified(true)
            .build();

    Attribute middleNames = new AttributeBuilder().buildObject();
    middleNames.setName(IdaConstants.Attributes_1_1.Middlename.NAME);
    middleNames.getAttributeValues().add(previousMiddleNames);
    middleNames.getAttributeValues().add(presentMiddleNames);

    List<Attribute> statementAttributes = aMatchingDatasetAttributeStatement_1_1()
            .withMiddleNames(middleNames)
            .build()
            .getAttributes();

    // Round-trip: format the attributes for the log, then parse the result back into the log DTO.
    AttributeStatementLogData logged = mapper.readValue(
            formatAttributes("any-issuer", LEVEL_2, statementAttributes),
            AttributeStatementLogData.class);
    Map<String, List<VerifiedAttributeLogData>> loggedByName = logged.getAttributes();

    List<VerifiedAttributeLogData> expectedEntries = List.of(
            new VerifiedAttributeLogData(true, "more than 405 days"),
            new VerifiedAttributeLogData(true, null));
    assertThat(loggedByName.get(IdaConstants.Attributes_1_1.Middlename.NAME)).isEqualTo(expectedEntries);
}
use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.
the class VerifiedAttributesLoggerTest method shouldLogCurrentAddressHistory.
/**
 * Checks that a verified current address that started one year ago, with no end date, is logged
 * as a single entry equal to {@code new VerifiedAttributeLogData(true, null)}.
 *
 * <p>NOTE(review): as with the name attributes, only the parsed log record is compared. The raw
 * output of {@code formatAttributes} is not checked for address content.
 */
@Test
public void shouldLogCurrentAddressHistory() throws Exception {
    AttributeValue verifiedAddress = new AddressAttributeValueBuilder_1_1()
            .withFrom(DateTime.now().minusYears(1))
            .withVerified(true)
            .build();

    Attribute currentAddress = new AttributeBuilder().buildObject();
    currentAddress.setName(IdaConstants.Attributes_1_1.CurrentAddress.NAME);
    currentAddress.getAttributeValues().add(verifiedAddress);

    List<Attribute> statementAttributes = aMatchingDatasetAttributeStatement_1_1()
            .withCurrentAddress(currentAddress)
            .build()
            .getAttributes();

    // Round-trip: format the attributes for the log, then parse the result back into the log DTO.
    AttributeStatementLogData logged = mapper.readValue(
            formatAttributes("any-issuer", LEVEL_2, statementAttributes),
            AttributeStatementLogData.class);
    Map<String, List<VerifiedAttributeLogData>> loggedByName = logged.getAttributes();

    List<VerifiedAttributeLogData> expectedEntries = List.of(new VerifiedAttributeLogData(true, null));
    assertThat(loggedByName.get(IdaConstants.Attributes_1_1.CurrentAddress.NAME)).isEqualTo(expectedEntries);
}
use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.
the class IdpResponseValidatorTest method shouldThrowIfAllDecryptersFail.
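/**
 * Checks that validation fails closed when no decrypter can decrypt the assertions: the validator
 * must throw {@link SamlFailedToDecryptException} naming the issuer, and the decryption-error
 * counter must be incremented once per failed decrypter, labelled with the issuer value.
 *
 * <p>NOTE(review): {@code setFinalStatic} replaces the static {@code idpDecryptionErrorCounter}
 * field on {@code IdpResponseValidator} and this method does not restore it. Confirm that a
 * teardown elsewhere does so, otherwise the mock leaks into later tests in the same JVM.
 *
 * @throws Exception if reflective access to the counter field fails
 */
@Test
public void shouldThrowIfAllDecryptersFail() throws Exception {
    String issuerValue = "issuerValue";
    ValidatedResponse validatedResponse = mock(ValidatedResponse.class);
    Issuer responseIssuer = mock(Issuer.class);
    Counter idpDecryptionErrorCounter = mock(Counter.class);
    Counter.Child childCounter = mock(Counter.Child.class);

    // Swap the validator's static metric for a mock so the increments can be verified.
    setFinalStatic(IdpResponseValidator.class.getDeclaredField("idpDecryptionErrorCounter"), idpDecryptionErrorCounter);

    // Signature validation succeeds and yields a response whose issuer is known.
    when(validatedResponse.getIssuer()).thenReturn(responseIssuer);
    when(responseIssuer.getValue()).thenReturn(issuerValue);
    when(samlResponseSignatureValidator.validate(response, IDPSSODescriptor.DEFAULT_ELEMENT_NAME)).thenReturn(validatedResponse);

    // Both decrypters fail; presumably the validator under test is wired with both. Verify in setup.
    when(assertionDecrypter.decryptAssertions(validatedResponse)).thenThrow(SamlFailedToDecryptException.class);
    when(badAssertionDecrypter.decryptAssertions(validatedResponse)).thenThrow(SamlFailedToDecryptException.class);

    when(idpDecryptionErrorCounter.labels(anyString())).thenReturn(childCounter);
    // Void methods on a mock already do nothing; kept to make the expectation explicit.
    doNothing().when(childCounter).inc();

    SamlFailedToDecryptException exception = assertThrows(SamlFailedToDecryptException.class, () -> validator.validate(response));

    // Expected value first, so a failure report labels expected/actual the right way round.
    assertEquals(
            String.format("IdpResponseValidator could not decrypt assertions from %s with any of the decrypters", issuerValue),
            exception.getMessage());

    // One labelled increment per failed decrypter. The known issuer string is used directly
    // rather than calling back into other mocks in the middle of a verification.
    verify(idpDecryptionErrorCounter, times(2)).labels(issuerValue);
    verify(childCounter, times(2)).inc();
}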