Example 86 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project verify-hub by alphagov.

the class IdaAuthnRequestFromHubToAuthnRequestTransformerTest method shouldSetForceAuthnToFalse.

@Test
public void shouldSetForceAuthnToFalse() {
    // Case 1: ForceAuthn explicitly set to false on the hub request.
    IdaAuthnRequestFromHub originalRequestFromTransaction = anIdaAuthnRequest().withForceAuthentication(Optional.of(false)).buildFromHub();
    AuthnRequest transformedRequest = transformer.apply(originalRequestFromTransaction);
    assertThat(transformedRequest.isForceAuthn()).isEqualTo(false);
    // Case 2: ForceAuthn absent (Optional.empty()); the transformed request must still report false.
    originalRequestFromTransaction = anIdaAuthnRequest().withForceAuthentication(Optional.empty()).buildFromHub();
    transformedRequest = transformer.apply(originalRequestFromTransaction);
    assertThat(transformedRequest.isForceAuthn()).isEqualTo(false);
}
Also used : IdaAuthnRequestFromHub(uk.gov.ida.saml.hub.domain.IdaAuthnRequestFromHub) IdaAuthnRequestBuilder.anIdaAuthnRequest(uk.gov.ida.saml.hub.test.builders.IdaAuthnRequestBuilder.anIdaAuthnRequest) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) Test(org.junit.jupiter.api.Test)

Example 87 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project verify-hub by alphagov.

the class AuthnRequestFromRelyingPartyUnmarshallerTest method fromSamlMessage_shouldMapAuthnRequestToAuthnRequestFromRelyingParty.

@Test
public void fromSamlMessage_shouldMapAuthnRequestToAuthnRequestFromRelyingParty() throws Exception {
    DateTime issueInstant = new DateTime();
    SignatureImpl signature = new SignatureBuilder().buildObject();
    AuthnRequest authnRequest = new AuthnRequestBuilder().buildObject();
    authnRequest.setID("some-id");
    Issuer issuer = new IssuerBuilder().buildObject();
    issuer.setValue("some-service-entity-id");
    authnRequest.setIssuer(issuer);
    authnRequest.setIssueInstant(issueInstant);
    authnRequest.setDestination("http://example.com");
    authnRequest.setForceAuthn(true);
    authnRequest.setAssertionConsumerServiceURL("some-url");
    authnRequest.setAssertionConsumerServiceIndex(5);
    authnRequest.setSignature(signature);
    authnRequest.setExtensions(createApplicationVersionExtensions("some-version"));
    AuthnRequestFromRelyingParty authnRequestFromRelyingParty = unmarshaller.fromSamlMessage(authnRequest);
    AuthnRequestFromRelyingParty expected = new AuthnRequestFromRelyingParty("some-id", "some-service-entity-id", issueInstant, URI.create("http://example.com"), Optional.of(true), Optional.of(URI.create("some-url")), Optional.of(5), Optional.of(signature), Optional.of("some-version"));
    assertThat(authnRequestFromRelyingParty).isEqualTo(expected);
}
Also used : SignatureBuilder(org.opensaml.xmlsec.signature.impl.SignatureBuilder) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) Issuer(org.opensaml.saml.saml2.core.Issuer) AuthnRequestFromRelyingParty(uk.gov.ida.saml.hub.domain.AuthnRequestFromRelyingParty) AuthnRequestBuilder(org.opensaml.saml.saml2.core.impl.AuthnRequestBuilder) IssuerBuilder(org.opensaml.saml.saml2.core.impl.IssuerBuilder) SignatureImpl(org.opensaml.xmlsec.signature.impl.SignatureImpl) DateTime(org.joda.time.DateTime) Test(org.junit.jupiter.api.Test)

Example 88 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project verify-hub by alphagov.

the class AuthnRequestFromTransactionValidatorTest method validateRequest_shouldThrowExceptionIfIsDuplicateRequestIdIsPresent.

@Test
public void validateRequest_shouldThrowExceptionIfIsDuplicateRequestIdIsPresent() {
    final String requestId = generateRequestId();
    final String oneIssuerId = "some-issuer-id";
    final String anotherIssuerId = "some-other-issuer-id";
    // First request with this ID is accepted.
    final AuthnRequest authnRequest = anAuthnRequest().withId(requestId).withIssuer(anIssuer().withIssuerId(oneIssuerId).build()).build();
    validator.validate(authnRequest);
    // Same request ID reused under a different issuer: validation must fail with a duplicate-request-ID error.
    final AuthnRequest duplicateIdAuthnRequest = anAuthnRequest().withId(requestId).withIssuer(anIssuer().withIssuerId(anotherIssuerId).build()).build();
    validateException(assertThrows(SamlTransformationErrorException.class, () -> validator.validate(duplicateIdAuthnRequest)), SamlTransformationErrorFactory.duplicateRequestId(requestId, duplicateIdAuthnRequest.getIssuer().getValue()));
}
Also used : AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) AuthnRequestBuilder.anAuthnRequest(uk.gov.ida.saml.core.test.builders.AuthnRequestBuilder.anAuthnRequest) SamlTransformationErrorException(uk.gov.ida.saml.core.validation.SamlTransformationErrorException) Test(org.junit.jupiter.api.Test)

Example 89 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project verify-hub by alphagov.

the class AuthnRequestFromTransactionValidatorTest method validate_shouldThrowExceptionIfVersionNumberIsMissing.

@Test
public void validate_shouldThrowExceptionIfVersionNumberIsMissing() {
    AuthnRequest authnRequest = anAuthnRequest().withVersionNumber(null).build();
    validateException(assertThrows(SamlTransformationErrorException.class, () -> validator.validate(authnRequest)), SamlTransformationErrorFactory.missingRequestVersion(authnRequest.getID()));
}
Also used : AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) AuthnRequestBuilder.anAuthnRequest(uk.gov.ida.saml.core.test.builders.AuthnRequestBuilder.anAuthnRequest) SamlTransformationErrorException(uk.gov.ida.saml.core.validation.SamlTransformationErrorException) Test(org.junit.jupiter.api.Test)

Example 90 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project verify-hub by alphagov.

the class AuthnRequestFromTransactionValidatorTest method validateRequest_shouldThrowExceptionIfRequestIsTooOld.

@Test
public void validateRequest_shouldThrowExceptionIfRequestIsTooOld() {
    DateTimeFreezer.freezeTime();
    String requestId = generateRequestId();
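    // Issue instant is 5 minutes and 1 second before the frozen clock; the validator is expected to reject it as too old.
    DateTime issueInstant = DateTime.now().minusMinutes(5).minusSeconds(1);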
    final AuthnRequest authnRequest = anAuthnRequest().withId(requestId).withIssueInstant(issueInstant).build();
    validateException(assertThrows(SamlTransformationErrorException.class, () -> validator.validate(authnRequest)), SamlTransformationErrorFactory.requestTooOld(requestId, issueInstant.withZone(DateTimeZone.UTC), DateTime.now()));
}
Also used : AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) AuthnRequestBuilder.anAuthnRequest(uk.gov.ida.saml.core.test.builders.AuthnRequestBuilder.anAuthnRequest) SamlTransformationErrorException(uk.gov.ida.saml.core.validation.SamlTransformationErrorException) DateTime(org.joda.time.DateTime) Test(org.junit.jupiter.api.Test)

Aggregations

AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest) 116
Test (org.junit.jupiter.api.Test) 35
lombok.val (lombok.val) 26
Issuer (org.opensaml.saml.saml2.core.Issuer) 21
AuthnRequest (org.opensaml.saml2.core.AuthnRequest) 15
AuthnRequestBuilder.anAuthnRequest (uk.gov.ida.saml.core.test.builders.AuthnRequestBuilder.anAuthnRequest) 15
DateTime (org.joda.time.DateTime) 14
IdaAuthnRequestFromHub (uk.gov.ida.saml.hub.domain.IdaAuthnRequestFromHub) 12
IdaAuthnRequestBuilder.anIdaAuthnRequest (uk.gov.ida.saml.hub.test.builders.IdaAuthnRequestBuilder.anIdaAuthnRequest) 12
SAMLObjectBuilder (org.opensaml.saml.common.SAMLObjectBuilder) 10
MessageContext (org.opensaml.messaging.context.MessageContext) 9
RequestedAuthnContext (org.opensaml.saml.saml2.core.RequestedAuthnContext) 9
Document (org.w3c.dom.Document) 9
SamlRegisteredService (org.apereo.cas.support.saml.services.SamlRegisteredService) 8
SamlRegisteredServiceServiceProviderMetadataFacade (org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade) 8
NameIDPolicy (org.opensaml.saml.saml2.core.NameIDPolicy) 8
Element (org.w3c.dom.Element) 8
IOException (java.io.IOException) 7
XMLObject (org.opensaml.core.xml.XMLObject) 7
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException) 6