
Example 96 with Response

use of org.opensaml.saml.saml2.ecp.Response in project ddf by codice.

the class LogoutRequestServiceTest method testGetLogoutRequest.

@Test
public void testGetLogoutRequest() throws Exception {
    // Arrange: a deflated + base64 SAMLRequest whose decoded payload the mock recognises.
    String rawRequest = "deflatedSamlRequest";
    String encodedRequest = RestSecurity.deflateAndBase64Encode(rawRequest);
    String relay = UUID.randomUUID().toString();
    String sigAlg = "sha1";
    String sig = "signature";

    LogoutRequest parsedRequest = mock(LogoutRequest.class);
    when(logoutMessage.extractSamlLogoutRequest(eq(rawRequest))).thenReturn(parsedRequest);
    URI signedRedirect = new URI(redirectLogoutUrl);
    when(logoutMessage.signSamlGetResponse(any(LogoutRequest.class), any(URI.class), anyString()))
            .thenReturn(signedRedirect);

    // Act: GET-binding logout with a request and no response.
    Response result = logoutRequestService.getLogoutRequest(encodedRequest, null, relay, sigAlg, sig);

    // Assert: 200 OK whose entity carries the signed redirect URL.
    assertEquals(Response.Status.OK.getStatusCode(), result.getStatus());
    String body = result.getEntity().toString();
    assertTrue("Expected logout url of " + redirectLogoutUrl, body.contains(redirectLogoutUrl));
}
Also used : LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse) Response(javax.ws.rs.core.Response) LogoutRequest(org.opensaml.saml.saml2.core.LogoutRequest) Matchers.anyString(org.mockito.Matchers.anyString) URI(java.net.URI) Test(org.junit.Test)

Example 97 with Response

use of org.opensaml.saml.saml2.ecp.Response in project ddf by codice.

the class LogoutRequestService method postLogoutRequest.

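/**
 * HTTP-POST binding endpoint for SAML single logout.
 *
 * <p>Exactly one of the two SAML form fields is expected. When the {@code SAML_REQUEST} field is
 * present the body is treated as a LogoutRequest: it is parsed, run through
 * {@link SamlValidator} (built from {@code simpleSign}) <em>before</em> the local session is
 * terminated, and answered with a signed LogoutResponse. Otherwise the body is treated as a
 * LogoutResponse: it is parsed and validated and a confirmation message is returned.
 *
 * @param encodedSamlRequest base64-encoded LogoutRequest, or {@code null}
 * @param encodedSamlResponse base64-encoded LogoutResponse, or {@code null}; bound to
 *     {@code SAML_RESPONSE} — previously both parameters were bound to {@code SAML_REQUEST},
 *     which left this one always {@code null}
 * @param relayState opaque RelayState echoed back by the peer; may be {@code null}
 * @return the response produced by {@code getLogoutResponse} on success, or a
 *     {@code buildLogoutResponse} carrying a short message on any failure
 */
@POST
@Produces(MediaType.APPLICATION_FORM_URLENCODED)
public Response postLogoutRequest(
        @FormParam(SAML_REQUEST) String encodedSamlRequest,
        @FormParam(SAML_RESPONSE) String encodedSamlResponse,
        @FormParam(RELAY_STATE) String relayState) {
    if (encodedSamlRequest != null) {
        return handlePostedLogoutRequest(encodedSamlRequest, relayState);
    }
    return handlePostedLogoutResponse(encodedSamlResponse, relayState);
}

/** Parses and validates a posted LogoutRequest, ends the local session, and replies with a signed LogoutResponse. */
private Response handlePostedLogoutRequest(String encodedSamlRequest, String relayState) {
    try {
        LogoutRequest logoutRequest =
                logoutMessage.extractSamlLogoutRequest(decodeBase64(encodedSamlRequest));
        if (logoutRequest == null) {
            String msg = "Unable to parse logout request.";
            LOGGER.debug(msg);
            return buildLogoutResponse(msg);
        }
        // Validate before touching the session: an unvalidated request must not log anyone out.
        new SamlValidator.Builder(simpleSign)
                .buildAndValidate(
                        request.getRequestURL().toString(),
                        SamlProtocol.Binding.HTTP_POST,
                        logoutRequest);
        logout();
        LogoutResponse logoutResponse =
                logoutMessage.buildLogoutResponse(
                        logoutRequest.getIssuer().getValue(),
                        StatusCode.SUCCESS,
                        logoutRequest.getID());
        return getLogoutResponse(relayState, logoutResponse);
    } catch (WSSecurityException e) {
        String msg = "Failed to sign logout response.";
        LOGGER.info(msg, e);
        return buildLogoutResponse(msg);
    } catch (ValidationException e) {
        String msg = "Unable to validate";
        LOGGER.info(msg, e);
        return buildLogoutResponse(msg);
    } catch (XMLStreamException e) {
        String msg = "Unable to parse logout request.";
        LOGGER.info(msg, e);
        return buildLogoutResponse(msg);
    }
}

/** Parses and validates a posted LogoutResponse and returns the "logged out" confirmation. */
private Response handlePostedLogoutResponse(String encodedSamlResponse, String relayState) {
    // Neither form field was supplied; report it the same way as an unparseable body
    // instead of handing null to the decoder.
    if (encodedSamlResponse == null) {
        String msg = "Unable to parse logout response.";
        LOGGER.info(msg);
        return buildLogoutResponse(msg);
    }
    try {
        LogoutResponse logoutResponse =
                logoutMessage.extractSamlLogoutResponse(decodeBase64(encodedSamlResponse));
        if (logoutResponse == null) {
            String msg = "Unable to parse logout response.";
            LOGGER.info(msg);
            return buildLogoutResponse(msg);
        }
        new SamlValidator.Builder(simpleSign)
                .buildAndValidate(
                        request.getRequestURL().toString(),
                        SamlProtocol.Binding.HTTP_POST,
                        logoutResponse);
        // NOTE(review): the response's Status element is not inspected here, so a validated
        // LogoutResponse whose status is not SUCCESS still reaches the success message below —
        // confirm whether a non-success status from the peer should be surfaced instead.
    } catch (ValidationException e) {
        String msg = "Unable to validate";
        LOGGER.info(msg, e);
        return buildLogoutResponse(msg);
    } catch (WSSecurityException | XMLStreamException e) {
        String msg = "Unable to parse logout response.";
        LOGGER.info(msg, e);
        return buildLogoutResponse(msg);
    }
    // The relay state, when it decodes, carries the name shown in the confirmation.
    String nameId = "You";
    String decodedValue;
    if (relayState != null && (decodedValue = relayStates.decode(relayState)) != null) {
        nameId = decodedValue;
    }
    return buildLogoutResponse(nameId + " logged out successfully.");
}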
Also used : ValidationException(ddf.security.samlp.ValidationException) LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse) XMLStreamException(javax.xml.stream.XMLStreamException) SamlValidator(ddf.security.samlp.impl.SamlValidator) LogoutRequest(org.opensaml.saml.saml2.core.LogoutRequest) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) POST(javax.ws.rs.POST) Produces(javax.ws.rs.Produces)

Example 98 with Response

use of org.opensaml.saml.saml2.ecp.Response in project ddf by codice.

the class LogoutRequestServiceTest method testGetLogoutRequestResponseNotParsable.

@Test
public void testGetLogoutRequestResponseNotParsable() throws Exception {
    // Arrange: the parser yields nothing for this payload.
    String rawResponse = "deflatedSamlResponse";
    String encodedResponse = RestSecurity.deflateAndBase64Encode(rawResponse);
    String relay = UUID.randomUUID().toString();
    when(logoutMessage.extractSamlLogoutResponse(eq(rawResponse))).thenReturn(null);

    // Act: GET-binding logout carrying only a response.
    Response result =
            logoutRequestService.getLogoutRequest(null, encodedResponse, relay, "sha1", "signature");

    // Assert: a redirect whose query string carries the parse-failure message.
    assertEquals(Response.Status.SEE_OTHER.getStatusCode(), result.getStatus());
    String expectedFragment = "Unable to parse logout response.".replace(" ", "+");
    String query = result.getLocation().getQuery();
    assertTrue("Expected message containing " + expectedFragment, query.contains(expectedFragment));
}
Also used : LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse) Response(javax.ws.rs.core.Response) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Example 99 with Response

use of org.opensaml.saml.saml2.ecp.Response in project ddf by codice.

the class LogoutRequestServiceTest method getPostLogoutRequestNotParsable.

@Test
public void getPostLogoutRequestNotParsable() throws Exception {
    // Arrange: a request body that is not a decodable SAML message; no mock is set up for it.
    String relay = UUID.randomUUID().toString();
    String bogusRequest = "encodedSamlRequest";

    // Act: POST-binding logout with a request and no response.
    Response result = logoutRequestService.postLogoutRequest(bogusRequest, null, relay);

    // Assert: a redirect whose query string carries the parse-failure message.
    assertEquals(Response.Status.SEE_OTHER.getStatusCode(), result.getStatus());
    String expectedFragment = "Unable to parse logout request.".replace(" ", "+");
    String query = result.getLocation().getQuery();
    assertTrue("Expected message containing " + expectedFragment, query.contains(expectedFragment));
}
Also used : LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse) Response(javax.ws.rs.core.Response) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Example 100 with Response

use of org.opensaml.saml.saml2.ecp.Response in project ddf by codice.

the class LogoutRequestServiceTest method testGetLogoutRequestResponseInvalidSignature.

@Test
public void testGetLogoutRequestResponseInvalidSignature() throws Exception {
    // Arrange: a parseable LogoutResponse handed to a freshly wired service
    // (with the real validator path, not the shared fixture) so validation runs.
    String rawResponse = "deflatedSamlResponse";
    String encodedResponse = RestSecurity.deflateAndBase64Encode(rawResponse);
    String relay = UUID.randomUUID().toString();
    LogoutResponse parsedResponse = mock(LogoutResponse.class);
    when(logoutMessage.extractSamlLogoutResponse(eq(rawResponse))).thenReturn(parsedResponse);

    LogoutRequestService service = new LogoutRequestService(simpleSign, idpMetadata, relayStates);
    service.setEncryptionService(encryptionService);
    service.setLogOutPageTimeOut(LOGOUT_PAGE_TIMEOUT);
    service.setLogoutMessage(logoutMessage);
    service.setRequest(request);
    service.setSessionFactory(sessionFactory);
    service.init();

    // Act: GET-binding logout with a response whose signature does not validate.
    Response result = service.getLogoutRequest(null, encodedResponse, relay, "sha1", "signature");

    // Assert: a redirect whose query string carries the validation-failure message.
    assertEquals(Response.Status.SEE_OTHER.getStatusCode(), result.getStatus());
    String expectedFragment = "Unable to validate".replace(" ", "+");
    String query = result.getLocation().getQuery();
    assertTrue("Expected message containing " + expectedFragment, query.contains(expectedFragment));
}
Also used : LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse) Response(javax.ws.rs.core.Response) LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Aggregations

Response (org.opensaml.saml.saml2.core.Response)82 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)41 Test (org.junit.Test)41 Element (org.w3c.dom.Element)35 Document (org.w3c.dom.Document)31 DateTime (org.joda.time.DateTime)30 Status (org.opensaml.saml.saml2.core.Status)30 Response (javax.ws.rs.core.Response)29 ResponseBuilder.aResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse)27 LogoutResponse (org.opensaml.saml.saml2.core.LogoutResponse)25 SamlAssertionWrapper (org.apache.wss4j.common.saml.SamlAssertionWrapper)23 SamlValidationResponse (uk.gov.ida.saml.core.validation.SamlValidationResponse)21 Matchers.anyString (org.mockito.Matchers.anyString)20 SAMLCallback (org.apache.wss4j.common.saml.SAMLCallback)18 SubjectConfirmationDataBean (org.apache.wss4j.common.saml.bean.SubjectConfirmationDataBean)18 Assertion (org.opensaml.saml.saml2.core.Assertion)18 AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)18 InputStream (java.io.InputStream)15 IOException (java.io.IOException)13 Crypto (org.apache.wss4j.common.crypto.Crypto)13