use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.
the class ProtectiveMonitoringLogFormatter method formatAuthnResponse.
/**
 * Renders one protective-monitoring log entry for a SAML authn {@code Response}.
 *
 * <p>The entry is built by filling the {@code AUTHN_RESPONSE} format string with, in order:
 * response ID, InResponseTo, direction, destination, issuer, signature validity, top-level
 * status code, nested (sub) status code and the status detail values.
 *
 * <p>A missing issuer or a missing nested status code is rendered as an empty string.
 *
 * @param samlResponse the response being logged
 * @param direction direction of the message
 * @param signatureStatus signature validation outcome; the result of {@code valid()} is logged
 * @return the formatted log entry
 */
public String formatAuthnResponse(Response samlResponse, Direction direction, SignatureStatus signatureStatus) {
    String issuerString = "";
    Issuer issuer = samlResponse.getIssuer();
    if (issuer != null) {
        issuerString = issuer.getValue();
    }

    // NOTE(review): unlike Issuer, Status and its top-level StatusCode are dereferenced without
    // a null check. If a response lacking either can reach this method, it throws instead of
    // logging the event. Confirm that callers only pass responses that carry both.
    Status status = samlResponse.getStatus();
    StatusCode nestedCode = status.getStatusCode().getStatusCode();
    String subStatus;
    if (nestedCode == null) {
        subStatus = "";
    } else {
        subStatus = nestedCode.getValue();
    }

    // NOTE(review): ID, InResponseTo, Destination, Issuer and the status values are taken from
    // the message as received. Confirm that the AUTHN_RESPONSE layout or the log sink neutralises
    // line breaks and delimiters, so a crafted value cannot forge or split an audit entry.
    return String.format(
            AUTHN_RESPONSE,
            samlResponse.getID(),
            samlResponse.getInResponseTo(),
            direction,
            samlResponse.getDestination(),
            issuerString,
            signatureStatus.valid(),
            status.getStatusCode().getValue(),
            subStatus,
            getStatusDetailValues(status));
}
use of org.opensaml.saml.saml2.core.Issuer in project verify-hub by alphagov.
the class SamlMessageReceiverApi method handleRequestPost.
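/**
 * Receives a SAML AuthnRequest over HTTP POST, checks it and opens a session for it.
 *
 * <p>Steps: validate the relay state, transform the encoded request into an {@code AuthnRequest},
 * validate its signature against the SP SSO descriptor role, write the protective-monitoring log
 * entry, reject the request if the signature result is not OK, then create the session.
 *
 * <p>The per-issuer counter is incremented only for requests that passed signature validation.
 * The issuer string is sender-controlled, so incrementing before the check would let an
 * unauthenticated sender create one label value per request. Rejected requests remain visible
 * through the protective-monitoring log entry, which is written before the check.
 *
 * @param samlRequestDto the encoded request, relay state and the principal IP reported by the frontend
 * @return a 200 response whose entity is the new session id
 * @throws SamlTransformationErrorException if signature validation does not succeed
 */
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Timed
@ResponseMetered
public Response handleRequestPost(SamlRequestDto samlRequestDto) {
    relayStateValidator.validate(samlRequestDto.getRelayState());
    AuthnRequest authnRequest = stringSamlAuthnRequestTransformer.apply(samlRequestDto.getSamlRequest());
    SamlValidationResponse signatureValidationResponse =
            authnRequestSignatureValidator.validate(authnRequest, SPSSODescriptor.DEFAULT_ELEMENT_NAME);

    // Log every inbound request with its signature outcome, including the ones rejected below.
    protectiveMonitoringLogger.logAuthnRequest(
            authnRequest, Direction.INBOUND, SignatureStatus.fromValidationResponse(signatureValidationResponse));

    if (!signatureValidationResponse.isOK()) {
        SamlValidationSpecificationFailure failure = signatureValidationResponse.getSamlValidationSpecificationFailure();
        // NOTE(review): the issuer in this message comes from an unauthenticated request.
        // Confirm that whatever logs or renders this exception escapes it.
        throw new SamlTransformationErrorException(
                String.format(
                        "Invalid authn request from issuer \"%s\". %s",
                        authnRequest.getIssuer().getValue(),
                        failure.getErrorMessage()),
                signatureValidationResponse.getCause(),
                Level.ERROR);
    }

    // Only now is the issuer backed by a valid signature, so it is safe to use as a metric label.
    authnRequestsFromEntities.labels(authnRequest.getIssuer().getValue()).inc();

    SamlAuthnRequestContainerDto samlAuthnRequestContainerDto = new SamlAuthnRequestContainerDto(
            samlRequestDto.getSamlRequest(),
            Optional.ofNullable(samlRequestDto.getRelayState()),
            samlRequestDto.getPrincipalIpAsSeenByFrontend());
    SessionId sessionId = sessionProxy.createSession(samlAuthnRequestContainerDto);
    return Response.ok(sessionId).build();
}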
use of org.opensaml.saml.saml2.core.Issuer in project ddf by codice.
the class LogoutRequestServiceTest method getPostLogoutRequest.
/**
 * POST-binding logout request: with the IdP metadata advertising the POST binding, the service
 * is expected to answer 200 with an entity that mentions the IdP's single-logout location.
 *
 * <p>{@code logoutMessage.extractSamlLogoutRequest} is stubbed, so the encoded request string is
 * never decoded here and any checks that collaborator performs are not exercised by this test.
 */
@Test
public void getPostLogoutRequest() throws Exception {
    final String issuerName = "issuer";
    final String samlRequestParam = "encodedSamlRequest";
    final String relayStateParam = UUID.randomUUID().toString();

    // Initialise the OpenSAML engine before using any OpenSAML builder.
    OpenSAMLUtil.initSamlEngine();
    LogoutResponse builtResponse = new LogoutResponseBuilder().buildObject();

    // Issuer carried by the (mocked) parsed logout request.
    Issuer requestIssuer = mock(Issuer.class);
    when(requestIssuer.getValue()).thenReturn(issuerName);

    LogoutRequest parsedRequest = mock(LogoutRequest.class);
    when(parsedRequest.getIssuer()).thenReturn(requestIssuer);
    when(parsedRequest.getIssueInstant()).thenReturn(new DateTime());
    when(parsedRequest.getVersion()).thenReturn(SAMLVersion.VERSION_20);
    when(parsedRequest.getID()).thenReturn("id");

    // Collaborators: request extraction and response construction are both stubbed.
    when(logoutMessage.extractSamlLogoutRequest(any(String.class))).thenReturn(parsedRequest);
    when(logoutMessage.buildLogoutResponse(eq(issuerName), eq(StatusCode.SUCCESS), anyString()))
            .thenReturn(builtResponse);

    // IdP metadata selects the POST binding and supplies the logout endpoint.
    when(idpMetadata.getSingleLogoutBinding()).thenReturn(SamlProtocol.POST_BINDING);
    when(idpMetadata.getSingleLogoutLocation()).thenReturn(postLogoutUrl);

    Response result = logoutRequestService.postLogoutRequest(samlRequestParam, null, relayStateParam);

    assertEquals(Response.Status.OK.getStatusCode(), result.getStatus());
    String entityText = result.getEntity().toString();
    assertTrue("Expected logout url of " + postLogoutUrl, entityText.contains(postLogoutUrl));
}
use of org.opensaml.saml.saml2.core.Issuer in project ddf by codice.
the class SamlProtocol method createResponse.
/**
 * Builds a SAML 2.0 {@code Response} with a fresh random ID and the current time as issue instant.
 *
 * <p>This method only assembles the object. It does not sign the response and does not inspect
 * the supplied assertion; both are left to the caller.
 *
 * @param issuer issuer to set on the response
 * @param status status to set on the response
 * @param requestId value for InResponseTo; set as given, including {@code null}
 * @param samlAssertion DOM element of an assertion to attach, or {@code null} for none
 * @return the populated response
 * @throws WSSecurityException declared by the signature; presumably raised when the assertion
 *     element cannot be wrapped
 */
public static Response createResponse(Issuer issuer, Status status, String requestId, Element samlAssertion) throws WSSecurityException {
    Response response = responseSAMLObjectBuilder.buildObject();

    response.setIssuer(issuer);
    response.setStatus(status);
    // Leading underscore followed by a random UUID.
    String responseId = "_" + UUID.randomUUID();
    response.setID(responseId);
    response.setIssueInstant(new DateTime());
    response.setInResponseTo(requestId);
    response.setVersion(SAMLVersion.VERSION_20);

    if (samlAssertion == null) {
        return response;
    }

    // NOTE(review): the element is wrapped and attached as-is. Confirm callers only pass
    // assertions they created or have already validated.
    SamlAssertionWrapper wrapped = new SamlAssertionWrapper(samlAssertion);
    response.getAssertions().add(wrapped.getSaml2());
    return response;
}
use of org.opensaml.saml.saml2.core.Issuer in project ddf by codice.
the class SamlProtocol method createLogoutResponse.
/**
 * Builds a SAML 2.0 {@code LogoutResponse} from the supplied parts.
 *
 * <p>InResponseTo is set only when {@code inResponseTo} is not blank. The issue instant is the
 * current time. The response is not signed here.
 *
 * @param issuer issuer to set on the response
 * @param status status to set on the response
 * @param inResponseTo ID of the request being answered; skipped when blank
 * @param id ID for the response, used exactly as given
 * @return the populated logout response
 */
public static LogoutResponse createLogoutResponse(Issuer issuer, Status status, String inResponseTo, String id) {
    LogoutResponse logoutResponse = logoutResponseBuilder.buildObject();

    // NOTE(review): the ID is taken from the caller without any check here. Confirm callers
    // supply a unique, unpredictable value.
    logoutResponse.setID(id);
    logoutResponse.setIssuer(issuer);
    logoutResponse.setStatus(status);

    boolean answersARequest = !StringUtils.isBlank(inResponseTo);
    if (answersARequest) {
        logoutResponse.setInResponseTo(inResponseTo);
    }

    logoutResponse.setIssueInstant(DateTime.now());
    logoutResponse.setVersion(SAMLVersion.VERSION_20);
    return logoutResponse;
}