Examples with Response org.opensaml.saml.saml2.core.Response used on opensource projects

Search in sources :

Example 91 with Response

use of org.opensaml.saml.saml2.core.Response in project cxf by apache.

the class SAMLSSOResponseValidatorTest method testAudienceRestrictionMultipleValues.

@org.junit.Test
public void testAudienceRestrictionMultipleValues() throws Exception {
    SubjectConfirmationDataBean subjectConfirmationData = new SubjectConfirmationDataBean();
    subjectConfirmationData.setAddress("http://apache.org");
    subjectConfirmationData.setInResponseTo("12345");
    subjectConfirmationData.setNotAfter(new DateTime().plusMinutes(5));
    subjectConfirmationData.setRecipient("http://recipient.apache.org");
    List<String> values = new ArrayList<>();
    values.add("http://unknown-service.apache.org");
    values.add("http://service.apache.org");
    AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
    audienceRestriction.setAudienceURIs(values);
    Response response = createResponse(subjectConfirmationData, Collections.singletonList(audienceRestriction), null);
    // Validate the Response
    SAMLSSOResponseValidator validator = new SAMLSSOResponseValidator();
    validator.setEnforceAssertionsSigned(false);
    validator.setIssuerIDP("http://cxf.apache.org/issuer");
    validator.setAssertionConsumerURL("http://recipient.apache.org");
    validator.setClientAddress("http://apache.org");
    validator.setRequestId("12345");
    validator.setSpIdentifier("http://service.apache.org");
    validator.validateSamlResponse(response, false);
}
Also used : Response(org.opensaml.saml.saml2.core.Response) AudienceRestrictionBean(org.apache.wss4j.common.saml.bean.AudienceRestrictionBean) SubjectConfirmationDataBean(org.apache.wss4j.common.saml.bean.SubjectConfirmationDataBean) ArrayList(java.util.ArrayList) DateTime(org.joda.time.DateTime)

Example 92 with Response

use of org.opensaml.saml.saml2.core.Response in project cxf by apache.

the class SAMLSSOResponseValidatorTest method testEmptyAudienceRestriction.

@org.junit.Test
public void testEmptyAudienceRestriction() throws Exception {
    SubjectConfirmationDataBean subjectConfirmationData = new SubjectConfirmationDataBean();
    subjectConfirmationData.setAddress("http://apache.org");
    subjectConfirmationData.setInResponseTo("12345");
    subjectConfirmationData.setNotAfter(new DateTime().plusMinutes(5));
    subjectConfirmationData.setRecipient("http://recipient.apache.org");
    AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
    Response response = createResponse(subjectConfirmationData, Collections.singletonList(audienceRestriction), null);
    // Validate the Response
    SAMLSSOResponseValidator validator = new SAMLSSOResponseValidator();
    validator.setEnforceAssertionsSigned(false);
    validator.setIssuerIDP("http://cxf.apache.org/issuer");
    validator.setAssertionConsumerURL("http://recipient.apache.org");
    validator.setClientAddress("http://apache.org");
    validator.setRequestId("12345");
    validator.setSpIdentifier("http://service.apache.org");
    try {
        validator.validateSamlResponse(response, false);
        fail("Expected failure on bad response");
    } catch (WSSecurityException ex) {
    // expected
    }
}
Also used : Response(org.opensaml.saml.saml2.core.Response) AudienceRestrictionBean(org.apache.wss4j.common.saml.bean.AudienceRestrictionBean) SubjectConfirmationDataBean(org.apache.wss4j.common.saml.bean.SubjectConfirmationDataBean) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) DateTime(org.joda.time.DateTime)

Example 93 with Response

use of org.opensaml.saml.saml2.core.Response in project cas by apereo.

the class SamlProfileSamlAssertionBuilder method build.

@Override
public Assertion build(final AuthnRequest authnRequest, final HttpServletRequest request, final HttpServletResponse response, final org.jasig.cas.client.validation.Assertion casAssertion, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws SamlException {
    final List<Statement> statements = new ArrayList<>();
    statements.add(this.samlProfileSamlAuthNStatementBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
    statements.add(this.samlProfileSamlAttributeStatementBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
    final String id = '_' + String.valueOf(Math.abs(new SecureRandom().nextLong()));
    final Assertion assertion = newAssertion(statements, casProperties.getAuthn().getSamlIdp().getEntityId(), ZonedDateTime.now(ZoneOffset.UTC), id);
    assertion.setSubject(this.samlProfileSamlSubjectBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
    assertion.setConditions(this.samlProfileSamlConditionsBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
    signAssertion(assertion, request, response, service, adaptor);
    return assertion;
}
Also used : AuthnStatement(org.opensaml.saml.saml2.core.AuthnStatement) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) Statement(org.opensaml.saml.saml2.core.Statement) ArrayList(java.util.ArrayList) Assertion(org.opensaml.saml.saml2.core.Assertion) SecureRandom(java.security.SecureRandom)

Example 94 with Response

use of org.opensaml.saml.saml2.core.Response in project cas by apereo.

the class SamlProfileSamlSubjectBuilder method buildSubject.

private Subject buildSubject(final HttpServletRequest request, final HttpServletResponse response, final AuthnRequest authnRequest, final Assertion assertion, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws SamlException {
    final NameID nameID = this.ssoPostProfileSamlNameIdBuilder.build(authnRequest, request, response, assertion, service, adaptor);
    final ZonedDateTime validFromDate = ZonedDateTime.ofInstant(assertion.getValidFromDate().toInstant(), ZoneOffset.UTC);
    final Subject subject = newSubject(nameID.getFormat(), nameID.getValue(), authnRequest.getAssertionConsumerServiceURL(), validFromDate.plusSeconds(this.skewAllowance), authnRequest.getID());
    subject.setNameID(nameID);
    return subject;
}
Also used : NameID(org.opensaml.saml.saml2.core.NameID) ZonedDateTime(java.time.ZonedDateTime) Subject(org.opensaml.saml.saml2.core.Subject)

Example 95 with Response

use of org.opensaml.saml.saml2.core.Response in project cas by apereo.

the class SamlProfileSaml2ResponseBuilder method encode.

@Override
protected Response encode(final SamlRegisteredService service, final Response samlResponse, final HttpServletResponse httpResponse, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final String relayState) throws SamlException {
    try {
        final HTTPPostEncoder encoder = new HTTPPostEncoder();
        encoder.setHttpServletResponse(httpResponse);
        encoder.setVelocityEngine(this.velocityEngineFactory.createVelocityEngine());
        final MessageContext outboundMessageContext = new MessageContext<>();
        SamlIdPUtils.preparePeerEntitySamlEndpointContext(outboundMessageContext, adaptor);
        outboundMessageContext.setMessage(samlResponse);
        SAMLBindingSupport.setRelayState(outboundMessageContext, relayState);
        encoder.setMessageContext(outboundMessageContext);
        encoder.initialize();
        encoder.encode();
        return samlResponse;
    } catch (final Exception e) {
        throw Throwables.propagate(e);
    }
}
Also used : HTTPPostEncoder(org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder) MessageContext(org.opensaml.messaging.context.MessageContext) SamlException(org.apereo.cas.support.saml.SamlException)

Aggregations

Response (org.opensaml.saml.saml2.core.Response)82 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)41 Test (org.junit.Test)41 Element (org.w3c.dom.Element)36 Document (org.w3c.dom.Document)32 DateTime (org.joda.time.DateTime)31 Status (org.opensaml.saml.saml2.core.Status)30 Response (javax.ws.rs.core.Response)29 ResponseBuilder.aResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse)27 LogoutResponse (org.opensaml.saml.saml2.core.LogoutResponse)25 SamlAssertionWrapper (org.apache.wss4j.common.saml.SamlAssertionWrapper)23 SamlValidationResponse (uk.gov.ida.saml.core.validation.SamlValidationResponse)21 Matchers.anyString (org.mockito.Matchers.anyString)20 SAMLCallback (org.apache.wss4j.common.saml.SAMLCallback)18 SubjectConfirmationDataBean (org.apache.wss4j.common.saml.bean.SubjectConfirmationDataBean)18 Assertion (org.opensaml.saml.saml2.core.Assertion)18 AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)18 IOException (java.io.IOException)16 InputStream (java.io.InputStream)15 HttpServletResponse (javax.servlet.http.HttpServletResponse)13
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial