use of org.opensaml.saml.saml2.ecp.RelayState in project ddf by codice.
the class LogoutRequestServiceTest method testGetLogoutRequest.
@Test
public void testGetLogoutRequest() throws Exception {
String signature = "signature";
String signatureAlgorithm = "sha1";
String relayState = UUID.randomUUID().toString();
String deflatedSamlRequest = RestSecurity.deflateAndBase64Encode("deflatedSamlRequest");
LogoutRequest logoutRequest = mock(LogoutRequest.class);
when(logoutMessage.extractSamlLogoutRequest(eq("deflatedSamlRequest"))).thenReturn(logoutRequest);
when(logoutMessage.signSamlGetResponse(any(LogoutRequest.class), any(URI.class), anyString())).thenReturn(new URI(redirectLogoutUrl));
Response response = logoutRequestService.getLogoutRequest(deflatedSamlRequest, null, relayState, signatureAlgorithm, signature);
assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
assertTrue("Expected logout url of " + redirectLogoutUrl, response.getEntity().toString().contains(redirectLogoutUrl));
}
use of org.opensaml.saml.saml2.ecp.RelayState in project ddf by codice.
the class LogoutRequestService method postLogoutRequest.
@POST
@Produces(MediaType.APPLICATION_FORM_URLENCODED)
public Response postLogoutRequest(@FormParam(SAML_REQUEST) String encodedSamlRequest, @FormParam(SAML_REQUEST) String encodedSamlResponse, @FormParam(RELAY_STATE) String relayState) {
if (encodedSamlRequest != null) {
try {
LogoutRequest logoutRequest = logoutMessage.extractSamlLogoutRequest(decodeBase64(encodedSamlRequest));
if (logoutRequest == null) {
String msg = "Unable to parse logout request.";
LOGGER.debug(msg);
return buildLogoutResponse(msg);
}
new SamlValidator.Builder(simpleSign).buildAndValidate(request.getRequestURL().toString(), SamlProtocol.Binding.HTTP_POST, logoutRequest);
logout();
LogoutResponse logoutResponse = logoutMessage.buildLogoutResponse(logoutRequest.getIssuer().getValue(), StatusCode.SUCCESS, logoutRequest.getID());
return getLogoutResponse(relayState, logoutResponse);
} catch (WSSecurityException e) {
String msg = "Failed to sign logout response.";
LOGGER.info(msg, e);
return buildLogoutResponse(msg);
} catch (ValidationException e) {
String msg = "Unable to validate";
LOGGER.info(msg, e);
return buildLogoutResponse(msg);
} catch (XMLStreamException e) {
String msg = "Unable to parse logout request.";
LOGGER.info(msg, e);
return buildLogoutResponse(msg);
}
} else {
try {
LogoutResponse logoutResponse = logoutMessage.extractSamlLogoutResponse(decodeBase64(encodedSamlResponse));
if (logoutResponse == null) {
String msg = "Unable to parse logout response.";
LOGGER.info(msg);
return buildLogoutResponse(msg);
}
new SamlValidator.Builder(simpleSign).buildAndValidate(request.getRequestURL().toString(), SamlProtocol.Binding.HTTP_POST, logoutResponse);
} catch (ValidationException e) {
String msg = "Unable to validate";
LOGGER.info(msg, e);
return buildLogoutResponse(msg);
} catch (WSSecurityException | XMLStreamException e) {
String msg = "Unable to parse logout response.";
LOGGER.info(msg, e);
return buildLogoutResponse(msg);
}
String nameId = "You";
String decodedValue;
if (relayState != null && (decodedValue = relayStates.decode(relayState)) != null) {
nameId = decodedValue;
}
return buildLogoutResponse(nameId + " logged out successfully.");
}
}
use of org.opensaml.saml.saml2.ecp.RelayState in project ddf by codice.
the class LogoutRequestServiceTest method testGetLogoutRequestResponseNotParsable.
@Test
public void testGetLogoutRequestResponseNotParsable() throws Exception {
String signature = "signature";
String signatureAlgorithm = "sha1";
String relayState = UUID.randomUUID().toString();
String deflatedSamlResponse = RestSecurity.deflateAndBase64Encode("deflatedSamlResponse");
when(logoutMessage.extractSamlLogoutResponse(eq("deflatedSamlResponse"))).thenReturn(null);
Response response = logoutRequestService.getLogoutRequest(null, deflatedSamlResponse, relayState, signatureAlgorithm, signature);
assertEquals(Response.Status.SEE_OTHER.getStatusCode(), response.getStatus());
String msg = "Unable to parse logout response.".replaceAll(" ", "+");
assertTrue("Expected message containing " + msg, response.getLocation().getQuery().contains(msg));
}
use of org.opensaml.saml.saml2.ecp.RelayState in project ddf by codice.
the class LogoutRequestServiceTest method getPostLogoutRequestNotParsable.
@Test
public void getPostLogoutRequestNotParsable() throws Exception {
String relayState = UUID.randomUUID().toString();
String encodedSamlRequest = "encodedSamlRequest";
Response response = logoutRequestService.postLogoutRequest(encodedSamlRequest, null, relayState);
assertEquals(Response.Status.SEE_OTHER.getStatusCode(), response.getStatus());
String msg = "Unable to parse logout request.".replaceAll(" ", "+");
assertTrue("Expected message containing " + msg, response.getLocation().getQuery().contains(msg));
}
use of org.opensaml.saml.saml2.ecp.RelayState in project ddf by codice.
the class LogoutRequestServiceTest method testGetLogoutRequestResponseInvalidSignature.
@Test
public void testGetLogoutRequestResponseInvalidSignature() throws Exception {
String signature = "signature";
String signatureAlgorithm = "sha1";
String relayState = UUID.randomUUID().toString();
String deflatedSamlResponse = RestSecurity.deflateAndBase64Encode("deflatedSamlResponse");
LogoutResponse logoutResponse = mock(LogoutResponse.class);
when(logoutMessage.extractSamlLogoutResponse(eq("deflatedSamlResponse"))).thenReturn(logoutResponse);
LogoutRequestService lrs = new LogoutRequestService(simpleSign, idpMetadata, relayStates);
lrs.setEncryptionService(encryptionService);
lrs.setLogOutPageTimeOut(LOGOUT_PAGE_TIMEOUT);
lrs.setLogoutMessage(logoutMessage);
lrs.setRequest(request);
lrs.setSessionFactory(sessionFactory);
lrs.init();
Response response = lrs.getLogoutRequest(null, deflatedSamlResponse, relayState, signatureAlgorithm, signature);
assertEquals(Response.Status.SEE_OTHER.getStatusCode(), response.getStatus());
String msg = "Unable to validate".replaceAll(" ", "+");
assertTrue("Expected message containing " + msg, response.getLocation().getQuery().contains(msg));
}
Aggregations