Examples with Status org.opensaml.saml.saml2.core.Status used on opensource projects

Search in sources :

Example 91 with Status

use of org.opensaml.saml.saml2.core.Status in project cxf by apache.

the class SAMLResponseValidatorTest method testInvalidSubjectLocality.

@org.junit.Test
public void testInvalidSubjectLocality() throws Exception {
    Document doc = DOMUtils.createDocument();
    Status status = SAML2PResponseComponentBuilder.createStatus(SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null);
    Response response = SAML2PResponseComponentBuilder.createSAMLResponse("http://cxf.apache.org/saml", "http://cxf.apache.org/issuer", status);
    // Create an AuthenticationAssertion
    SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
    callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
    callbackHandler.setIssuer("http://cxf.apache.org/issuer");
    callbackHandler.setConfirmationMethod(SAML2Constants.CONF_SENDER_VOUCHES);
    callbackHandler.setSubjectLocality("xyz.123", null);
    SAMLCallback samlCallback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
    SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
    response.getAssertions().add(assertion.getSaml2());
    Element policyElement = OpenSAMLUtil.toDom(response, doc);
    doc.appendChild(policyElement);
    assertNotNull(policyElement);
    Response marshalledResponse = (Response) OpenSAMLUtil.fromDom(policyElement);
    // Validate the Response
    SAMLProtocolResponseValidator validator = new SAMLProtocolResponseValidator();
    try {
        validator.validateSamlResponse(marshalledResponse, null, null);
        fail("Expected failure on an invalid SessionNotOnOrAfter");
    } catch (WSSecurityException ex) {
    // expected
    }
}
Also used : Status(org.opensaml.saml.saml2.core.Status) Response(org.opensaml.saml.saml2.core.Response) Element(org.w3c.dom.Element) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) SAMLCallback(org.apache.wss4j.common.saml.SAMLCallback) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) Document(org.w3c.dom.Document)

Example 92 with Status

use of org.opensaml.saml.saml2.core.Status in project verify-hub by alphagov.

the class IdpAuthnResponseTranslatorServiceTest method setup.

@BeforeEach
public void setup() {
    final String idpEntityId = TestEntityIds.STUB_IDP_ONE;
    final String assertionId1 = randomUUID().toString();
    final String assertionId2 = randomUUID().toString();
    final SignatureAlgorithm signatureAlgorithm = new SignatureRSASHA1();
    final DigestAlgorithm digestAlgorithm = new DigestSHA256();
    final AttributeStatement matchingDatasetAttributeStatement = MatchingDatasetAttributeStatementBuilder_1_1.aMatchingDatasetAttributeStatement_1_1().build();
    final AttributeStatement ipAddress = anAttributeStatement().addAttribute(IPAddressAttributeBuilder.anIPAddress().build()).build();
    final Optional<Signature> signature = of(SignatureBuilder.aSignature().build());
    final SignatureImpl signatureImpl = ((SignatureImpl) signature.get());
    signatureImpl.setXMLSignature(BuilderHelper.createXMLSignature(signatureAlgorithm, digestAlgorithm));
    authnStatementAssertion = AssertionBuilder.anAssertion().withId(assertionId1).withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build()).addAttributeStatement(ipAddress).addAuthnStatement(AuthnStatementBuilder.anAuthnStatement().build()).withSignature(SignatureBuilder.aSignature().withSignatureAlgorithm(signatureAlgorithm).withDigestAlgorithm(assertionId1, digestAlgorithm).build()).buildUnencrypted();
    matchingDatasetAssertion = AssertionBuilder.anAssertion().withId(assertionId2).withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build()).addAttributeStatement(matchingDatasetAttributeStatement).withSignature(SignatureBuilder.aSignature().withSignatureAlgorithm(signatureAlgorithm).withDigestAlgorithm(assertionId2, digestAlgorithm).build()).buildUnencrypted();
    when(responseContainer.getSamlResponse()).thenReturn(saml);
    when(assertionBlobEncrypter.encryptAssertionBlob(any(), eq(authStatementUnderlyingAssertionBlob))).thenReturn(encryptedAuthnAssertion);
    when(stringToOpenSamlResponseTransformer.apply(saml)).thenReturn(samlResponse);
    when(samlResponseToIdaResponseIssuedByIdpTransformer.apply(samlResponse)).thenReturn(responseFromIdp);
    when(authStatementAssertion.getUnderlyingAssertionBlob()).thenReturn(authStatementUnderlyingAssertionBlob);
    when(authStatementAssertion.getAuthnContext()).thenReturn(Optional.empty());
    when(authStatementAssertion.getFraudDetectedDetails()).thenReturn(Optional.empty());
    when(authStatementAssertion.getPrincipalIpAddressAsSeenByIdp()).thenReturn(Optional.of(principalIpAddressSeenByIdp));
    when(authnStatementPersistentId.getNameId()).thenReturn("a name id");
    when(authnStatementPersistentId.getNameId()).thenReturn(persistentIdName);
    when(authStatementAssertion.getPersistentId()).thenReturn(authnStatementPersistentId);
    when(responseFromIdp.getIssuer()).thenReturn(responseIssuer);
    when(responseFromIdp.getStatus()).thenReturn(status);
    when(responseFromIdp.getMatchingDatasetAssertion()).thenReturn(empty());
    when(responseFromIdp.getAuthnStatementAssertion()).thenReturn(empty());
    when(responseFromIdp.getSignature()).thenReturn(signature);
    when(samlResponse.getIssuer()).thenReturn(issuer);
    when(stringToAssertionTransformer.apply(authStatementUnderlyingAssertionBlob)).thenReturn(authnStatementAssertion);
    when(stringToAssertionTransformer.apply(matchingDatasetUnderlyingAssertionBlob)).thenReturn(matchingDatasetAssertion);
    InboundResponseFromIdpDataGenerator inboundResponseFromIdpDataGenerator = new InboundResponseFromIdpDataGenerator(assertionBlobEncrypter);
    service = new IdpAuthnResponseTranslatorService(stringToOpenSamlResponseTransformer, stringToAssertionTransformer, samlResponseToIdaResponseIssuedByIdpTransformer, inboundResponseFromIdpDataGenerator, idpAssertionMetricsCollector, transactionsConfigProxy);
}
Also used : DigestSHA256(org.opensaml.xmlsec.algorithm.descriptors.DigestSHA256) SignatureRSASHA1(org.opensaml.xmlsec.algorithm.descriptors.SignatureRSASHA1) AttributeStatementBuilder.anAttributeStatement(uk.gov.ida.saml.core.test.builders.AttributeStatementBuilder.anAttributeStatement) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) Signature(org.opensaml.xmlsec.signature.Signature) SignatureAlgorithm(org.opensaml.xmlsec.algorithm.SignatureAlgorithm) SignatureImpl(org.opensaml.xmlsec.signature.impl.SignatureImpl) InboundResponseFromIdpDataGenerator(uk.gov.ida.saml.hub.transformers.inbound.InboundResponseFromIdpDataGenerator) DigestAlgorithm(org.opensaml.xmlsec.algorithm.DigestAlgorithm) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 93 with Status

use of org.opensaml.saml.saml2.core.Status in project verify-hub by alphagov.

the class MatchingServiceResponseTranslatorServiceTest method setUpForTranslate.

private void setUpForTranslate(Optional<AuthnContext> authnContext, Optional<FraudDetectedDetails> fraudDetectedDetails, String encryptedAssertion, String inResponseTo, String issuer, String samlResponse, MatchingServiceIdaStatus status) {
    final PassthroughAssertion assertion = new PassthroughAssertion(new PersistentId("persistentId"), authnContext, encryptedAssertion, fraudDetectedDetails, Optional.of("principalIpAddressAsSeenByIdp"));
    final InboundResponseFromMatchingService inboundResponseFromMatchingService = InboundResponseFromMatchingServiceBuilder.anInboundResponseFromMatchingService().withInResponseTo(inResponseTo).withIssuerId(issuer).withMatchingServiceAssertion(assertion).withStatus(status).build();
    Response response = mock(Response.class);
    Issuer responseIssuer = mock(Issuer.class);
    when(response.getIssuer()).thenReturn(responseIssuer);
    when(responseUnmarshaller.apply(samlResponse)).thenReturn(response);
    when(responseToInboundResponseFromMatchingServiceTransformer.transform(response)).thenReturn(inboundResponseFromMatchingService);
    when(assertionBlobEncrypter.encryptAssertionBlob(eq(TEST_RP), any())).thenReturn(encryptedAssertion);
}
Also used : Response(org.opensaml.saml.saml2.core.Response) PassthroughAssertion(uk.gov.ida.saml.core.domain.PassthroughAssertion) Issuer(org.opensaml.saml.saml2.core.Issuer) PersistentId(uk.gov.ida.saml.core.domain.PersistentId) InboundResponseFromMatchingService(uk.gov.ida.saml.hub.domain.InboundResponseFromMatchingService)

Example 94 with Status

use of org.opensaml.saml.saml2.core.Status in project verify-hub by alphagov.

the class IdpIdaStatusMarshallerTest method transform_shouldTransformAuthnFailedWithNoSubStatus.

@Test
public void transform_shouldTransformAuthnFailedWithNoSubStatus() {
    Status transformedStatus = marshaller.toSamlStatus(IdpIdaStatus.authenticationFailed());
    assertThat(transformedStatus.getStatusCode().getValue()).isEqualTo(StatusCode.RESPONDER);
    assertThat(transformedStatus.getStatusCode().getStatusCode().getValue()).isEqualTo(StatusCode.AUTHN_FAILED);
    assertThat(transformedStatus.getStatusCode().getStatusCode().getStatusCode()).isNull();
}
Also used : Status(org.opensaml.saml.saml2.core.Status) IdpIdaStatus(uk.gov.ida.saml.hub.domain.IdpIdaStatus) Test(org.junit.jupiter.api.Test)

Example 95 with Status

use of org.opensaml.saml.saml2.core.Status in project verify-hub by alphagov.

the class IdpIdaStatusMarshallerTest method shouldMarshallStatusDetailWithStatusValueContainingAuthnCancelInCaseOfAuthenticationCancelled.

@Test
public void shouldMarshallStatusDetailWithStatusValueContainingAuthnCancelInCaseOfAuthenticationCancelled() {
    Status status = marshaller.toSamlStatus(IdpIdaStatus.authenticationCancelled());
    StatusValue actual = (StatusValue) status.getStatusDetail().getOrderedChildren().get(0);
    assertThat(actual.getNamespaces()).isEmpty();
    assertThat(actual.getValue()).isEqualTo(StatusValue.CANCEL);
}
Also used : Status(org.opensaml.saml.saml2.core.Status) IdpIdaStatus(uk.gov.ida.saml.hub.domain.IdpIdaStatus) StatusValue(uk.gov.ida.saml.core.extensions.StatusValue) Test(org.junit.jupiter.api.Test)

Aggregations

Status (org.opensaml.saml.saml2.core.Status)103 Test (org.junit.jupiter.api.Test)83 Response (org.opensaml.saml.saml2.core.Response)59 StatusCode (org.opensaml.saml.saml2.core.StatusCode)33 IdpIdaStatus (uk.gov.ida.saml.hub.domain.IdpIdaStatus)33 ResponseBuilder.aResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse)27 SamlAssertionWrapper (org.apache.wss4j.common.saml.SamlAssertionWrapper)22 SAMLCallback (org.apache.wss4j.common.saml.SAMLCallback)20 Document (org.w3c.dom.Document)20 TransactionIdaStatus (uk.gov.ida.saml.core.domain.TransactionIdaStatus)20 Element (org.w3c.dom.Element)19 StatusBuilder.aStatus (uk.gov.ida.saml.core.test.builders.StatusBuilder.aStatus)19 DateTime (org.joda.time.DateTime)17 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)16 ResponseValidatorTestHelper.createStatus (uk.gov.ida.saml.hub.validators.response.helpers.ResponseValidatorTestHelper.createStatus)16 OpenSamlXmlObjectFactory (uk.gov.ida.saml.core.OpenSamlXmlObjectFactory)14 StatusCodeBuilder.aStatusCode (uk.gov.ida.saml.core.test.builders.StatusCodeBuilder.aStatusCode)14 Crypto (org.apache.wss4j.common.crypto.Crypto)9 SamlStatusCode (uk.gov.ida.saml.core.domain.SamlStatusCode)9 InputStream (java.io.InputStream)8
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial