
Example 81 with Issuer

use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.

the class IdpResponseValidatorTest method shouldIncrementCounterWheneverADecrypterFailsToDecrypt.

@Test
public void shouldIncrementCounterWheneverADecrypterFailsToDecrypt() throws Exception {
    String issuerValue = "issuerValue";
    Assertion assertion = mock(Assertion.class);
    List<Assertion> assertions = ImmutableList.of(assertion);
    ValidatedResponse validatedResponse = mock(ValidatedResponse.class);
    Issuer responseIssuer = mock(Issuer.class);
    Counter idpDecryptionErrorCounter = mock(Counter.class);
    Counter.Child childCounter = mock(Counter.Child.class);
    setFinalStatic(IdpResponseValidator.class.getDeclaredField("idpDecryptionErrorCounter"), idpDecryptionErrorCounter);
    when(validatedResponse.getIssuer()).thenReturn(responseIssuer);
    when(responseIssuer.getValue()).thenReturn(issuerValue);
    when(samlResponseSignatureValidator.validate(response, IDPSSODescriptor.DEFAULT_ELEMENT_NAME)).thenReturn(validatedResponse);
    // One decrypter throws, the other returns the assertions.
    when(assertionDecrypter.decryptAssertions(validatedResponse)).thenThrow(SamlFailedToDecryptException.class);
    when(badAssertionDecrypter.decryptAssertions(validatedResponse)).thenReturn(assertions);
    when(idpDecryptionErrorCounter.labels(anyString())).thenReturn(childCounter);
    doNothing().when(childCounter).inc();
    validator.validate(response);
    // The format string needs a %s placeholder for the issuer argument to be used.
    String expectedMessage = String.format("IdpResponseValidator failed to decrypt assertions from %s with one of the decrypters", issuerValue);
    verify(mockAppender).doAppend(captorLoggingEvent.capture());
    LoggingEvent loggingEvent = captorLoggingEvent.getValue();
    assertThat(loggingEvent.getLevel()).isEqualTo(Level.WARN);
    assertThat(loggingEvent.getFormattedMessage()).isEqualTo(expectedMessage);
    verify(idpDecryptionErrorCounter).labels(validatedResponse.getIssuer().getValue());
    verify(childCounter).inc();
}
Also used : ILoggingEvent(ch.qos.logback.classic.spi.ILoggingEvent) LoggingEvent(ch.qos.logback.classic.spi.LoggingEvent) Counter(io.prometheus.client.Counter) Issuer(org.opensaml.saml.saml2.core.Issuer) Assertion(org.opensaml.saml.saml2.core.Assertion) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) ValidatedResponse(uk.gov.ida.saml.security.validators.ValidatedResponse) Test(org.junit.jupiter.api.Test)

Example 82 with Issuer

use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.

the class EncryptedResponseFromMatchingServiceValidatorTest method validate_shouldThrowInvalidSamlExceptionIfIssuerIdIsMissing.

@Test
public void validate_shouldThrowInvalidSamlExceptionIfIssuerIdIsMissing() throws Exception {
    Issuer issuer = anIssuer().withIssuerId(null).build();
    Response response = aResponse().withIssuer(issuer).build();
    assertValidationFailure(response, emptyIssuer());
}
Also used : ResponseBuilder.aResponse(uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse) Response(org.opensaml.saml.saml2.core.Response) Issuer(org.opensaml.saml.saml2.core.Issuer) IssuerBuilder.anIssuer(uk.gov.ida.saml.core.test.builders.IssuerBuilder.anIssuer) Test(org.junit.jupiter.api.Test)

Example 83 with Issuer

use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.

the class EncryptedResponseFromIdpValidatorTest method validateIssuer_shouldNotErrorIfFormatAttributeIsMissing.

@Test
public void validateIssuer_shouldNotErrorIfFormatAttributeIsMissing() throws Exception {
    Issuer issuer = anIssuer().withFormat(null).build();
    Response response = getResponseBuilderWithTwoAssertions().withIssuer(issuer).build();
    // No assertion needed: the test passes if validate() does not throw.
    validator.validate(response);
}
Also used : Response(org.opensaml.saml.saml2.core.Response) ResponseBuilder.aResponse(uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse) SamlTransformationErrorFactory.missingIssuer(uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.missingIssuer) IssuerBuilder.anIssuer(uk.gov.ida.saml.core.test.builders.IssuerBuilder.anIssuer) SamlTransformationErrorFactory.emptyIssuer(uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyIssuer) Issuer(org.opensaml.saml.saml2.core.Issuer) Test(org.junit.jupiter.api.Test)

Example 84 with Issuer

use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.

the class EncryptedResponseFromIdpValidatorTest method validate_shouldThrowExceptionIfIssuerIdIsMissing.

@Test
public void validate_shouldThrowExceptionIfIssuerIdIsMissing() throws Exception {
    Issuer issuer = anIssuer().withIssuerId(null).build();
    Response response = aResponse().withIssuer(issuer).build();
    assertValidationFailure(response, emptyIssuer());
}
Also used : Response(org.opensaml.saml.saml2.core.Response) ResponseBuilder.aResponse(uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse) SamlTransformationErrorFactory.missingIssuer(uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.missingIssuer) IssuerBuilder.anIssuer(uk.gov.ida.saml.core.test.builders.IssuerBuilder.anIssuer) SamlTransformationErrorFactory.emptyIssuer(uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyIssuer) Issuer(org.opensaml.saml.saml2.core.Issuer) Test(org.junit.jupiter.api.Test)

Example 85 with Issuer

use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.

the class EncryptedResponseFromIdpValidatorTest method validateIssuer_shouldThrowExceptionIfFormatAttributeHasInvalidValue.

@Test
public void validateIssuer_shouldThrowExceptionIfFormatAttributeHasInvalidValue() throws Exception {
    String invalidFormat = "goo";
    Issuer issuer = anIssuer().withFormat(invalidFormat).build();
    Response response = aResponse().withIssuer(issuer).build();
    assertValidationFailure(response, illegalIssuerFormat(invalidFormat, NameIDType.ENTITY));
}
Also used : Response(org.opensaml.saml.saml2.core.Response) ResponseBuilder.aResponse(uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse) SamlTransformationErrorFactory.missingIssuer(uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.missingIssuer) IssuerBuilder.anIssuer(uk.gov.ida.saml.core.test.builders.IssuerBuilder.anIssuer) SamlTransformationErrorFactory.emptyIssuer(uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory.emptyIssuer) Issuer(org.opensaml.saml.saml2.core.Issuer) Test(org.junit.jupiter.api.Test)
