use of org.opensaml.saml2.core.AuthnRequest in project verify-hub by alphagov.
the class IdaAuthnRequestToAuthnRequestTransformer method apply.
@Override
public AuthnRequest apply(TInput originalRequestToIdp) {
    // Build the outbound SAML AuthnRequest from the hub's internal request model.
    final AuthnRequest outbound = samlObjectFactory.createAuthnRequest();
    outbound.setID(originalRequestToIdp.getId());
    outbound.setIssueInstant(originalRequestToIdp.getIssueInstant());
    // The internal model carries the destination as a URI; SAML wants the string form.
    outbound.setDestination(originalRequestToIdp.getDestination().toASCIIString());
    outbound.setProtocolBinding(SAMLConstants.SAML2_POST_BINDING_URI);
    outbound.setIssuer(samlObjectFactory.createIssuer(originalRequestToIdp.getIssuer()));
    // Remaining, request-specific population is delegated to
    // supplementAuthnRequestWithDetails (defined outside this method).
    supplementAuthnRequestWithDetails(originalRequestToIdp, outbound);
    return outbound;
}
use of org.opensaml.saml2.core.AuthnRequest in project verify-hub by alphagov.
the class SamlMessageSenderHandlerTest method generateAuthnRequestFromHub_shouldAddExternalCommunicationEvent.
@Test
public void generateAuthnRequestFromHub_shouldAddExternalCommunicationEvent() {
    // Arrange: a fresh session and a known message id so the logged event can be matched exactly.
    final SessionId session = SessionId.createNewSessionId();
    final String samlMessageId = UUID.randomUUID().toString();
    final AuthnRequest transformed = anAuthnRequest().withId(samlMessageId).build();
    when(sessionProxy.getAuthnRequestFromHub(any(SessionId.class)))
            .thenReturn(new AuthnRequestFromHubContainerDto(samlRequest, postEndPoint, true));
    when(authnRequestTransformer.apply(samlRequest)).thenReturn(transformed);

    // Act
    final SamlMessage outbound = samlMessageSenderHandler.generateAuthnRequestFromHub(session, principalIpAddressAsSeenByHub);

    // Assert: the outbound message carries the request, endpoint, type and relay state.
    assertThat(outbound.getSamlMessageType()).isEqualTo(SamlMessageType.SAML_REQUEST);
    assertThat(outbound.getSamlMessage()).isEqualTo(samlRequest);
    assertThat(outbound.getPostEndpoint()).isEqualTo(postEndPoint.toString());
    assertThat(outbound.getRegistration().isPresent()).isTrue();
    assertThat(outbound.getRegistration().get()).isTrue();
    assertThat(outbound.getRelayState().isPresent()).isTrue();
    assertThat(outbound.getRelayState().get()).isEqualTo(session.getSessionId());

    // Assert: the external communication event was logged with the transformed request's id.
    verify(externalCommunicationEventLogger).logIdpAuthnRequest(samlMessageId, session, postEndPoint, principalIpAddressAsSeenByHub);
}
use of org.opensaml.saml2.core.AuthnRequest in project ddf by codice.
the class IdpHandler method createAndSignAuthnRequest.
/**
 * Builds the SP-initiated AuthnRequest for the configured IdP and hands it to
 * {@code serializeAndSign} for encoding (and signing, when requested).
 *
 * @param isPost     whether the request is to be serialized for the POST binding
 * @param wantSigned whether the serialized request must carry a signature
 * @return the serialized (and possibly signed) request
 * @throws AuthenticationFailureException propagated from {@code serializeAndSign}
 */
private String createAndSignAuthnRequest(boolean isPost, boolean wantSigned) throws AuthenticationFailureException {
    final String issuerId = getSpIssuerId();
    final String acsUrl = getSpAssertionConsumerServiceUrl(issuerId);

    final AuthnRequest request = authnRequestBuilder.buildObject();
    final Issuer spIssuer = issuerBuilder.buildObject();
    spIssuer.setValue(issuerId);
    request.setIssuer(spIssuer);
    request.setAssertionConsumerServiceURL(acsUrl);
    // Leading underscore keeps the ID a valid xs:ID (it must not start with a digit).
    request.setID("_" + UUID.randomUUID());
    request.setVersion(SAMLVersion.VERSION_20);
    request.setIssueInstant(new DateTime());
    request.setDestination(idpMetadata.getSingleSignOnLocation());
    request.setProtocolBinding(SamlProtocol.POST_BINDING);
    request.setNameIDPolicy(SamlpRequestComponentBuilder.createNameIDPolicy(true, SAML2Constants.NAMEID_FORMAT_PERSISTENT, issuerId));
    request.setRequestedAuthnContext(buildRequestedAuthnContext());
    return serializeAndSign(isPost, wantSigned, request);
}

/**
 * Collects the configured authentication context class references, skipping blank entries.
 *
 * @return a RequestedAuthnContext holding one AuthnContextClassRef per non-empty configured value
 */
private RequestedAuthnContext buildRequestedAuthnContext() {
    final RequestedAuthnContext context = new RequestedAuthnContextBuilder().buildObject();
    final AuthnContextClassRefBuilder refBuilder = new AuthnContextClassRefBuilder();
    for (String classRef : authContextClasses) {
        if (StringUtils.isEmpty(classRef)) {
            continue; // empty configuration entries contribute nothing
        }
        final AuthnContextClassRef ref = refBuilder.buildObject();
        ref.setAuthnContextClassRef(classRef);
        context.getAuthnContextClassRefs().add(ref);
    }
    return context;
}
use of org.opensaml.saml2.core.AuthnRequest in project oxCore by GluuFederation.
the class AuthRequest method getEnvelopedSignatureRequest.
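/**
 * Generates a SAML AuthnRequest carrying an enveloped XML signature, as a String
 * suitable for a POST-binding SAML AuthnRequest.
 *
 * The unsigned request is produced by {@code getRequest}, re-parsed into an
 * {@code AuthnRequest}, signed with the credential and algorithm from
 * {@code samlSettings}, marshalled, and serialized back to a String.
 *
 * @param assertionConsumerServiceUrl the SP endpoint the IdP should post the response to
 * @param relayState
 * optional; accepted for callers but not used by this method
 * @return the signed AuthnRequest serialized as an XML String
 * @throws WSSecurityException
 * @throws SecurityException
 * @throws MarshallingException
 * @throws org.opensaml.xml.signature.SignatureException
 * @throws IOException
 * @throws TransformerException
 * @throws XMLStreamException
 * @throws ParserConfigurationException
 */
public String getEnvelopedSignatureRequest(String assertionConsumerServiceUrl, String relayState) throws WSSecurityException, SecurityException, MarshallingException, org.opensaml.xml.signature.SignatureException, IOException, TransformerException, XMLStreamException, ParserConfigurationException {
    String samlRequest = getRequest(false, assertionConsumerServiceUrl);
    AuthnRequest authReq = (AuthnRequest) string2XMLObject(samlRequest);
    Credential credential = this.samlSettings.getCredential();
    org.opensaml.xml.signature.Signature signature = (org.opensaml.xml.signature.Signature) Configuration.getBuilderFactory().getBuilder(org.opensaml.xml.signature.Signature.DEFAULT_ELEMENT_NAME).buildObject(org.opensaml.xml.signature.Signature.DEFAULT_ELEMENT_NAME);
    signature.setSigningCredential(credential);
    signature.setSignatureAlgorithm(this.samlSettings.getSigAlgUrl());
    // Exclusive C14N without comments: the canonicalization the signature is computed over.
    signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    SecurityConfiguration secConfig = Configuration.getGlobalSecurityConfiguration();
    SecurityHelper.prepareSignatureParams(signature, credential, secConfig, null);
    authReq.setSignature(signature);
    // Marshalling must happen before signing so the Signature element has a DOM to sign.
    Configuration.getMarshallerFactory().getMarshaller(authReq).marshall(authReq);
    Signer.signObject(signature);
    String signedRequest = convertDocumentToString(authReq.getDOM().getOwnerDocument());
    // Full protocol message dumps belong at debug level, not in routine INFO output;
    // the guard also avoids building the large string when debug is off.
    if (LOG.isDebugEnabled()) {
        LOG.debug("\n\n**************************\nSigned Post AuthnRequest:\n" + signedRequest + "\n**************************\n\n");
    }
    return signedRequest;
}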
use of org.opensaml.saml2.core.AuthnRequest in project cas by apereo.
the class SSOPostProfileCallbackHandlerController method handleCallbackProfileRequest.
/**
 * Handles the SSO POST profile callback: locates the original AuthnRequest and
 * the CAS ticket, validates the ticket into an assertion and writes the SAML response.
 * Missing prerequisites are answered with HTTP 403.
 *
 * @param response the response
 * @param request the request
 * @throws Exception the exception
 */
@GetMapping(path = SamlIdPConstants.ENDPOINT_SAML2_SSO_PROFILE_POST_CALLBACK)
protected void handleCallbackProfileRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
    LOGGER.info("Received SAML callback profile request [{}]", request.getRequestURI());

    // Without the original AuthnRequest the callback cannot be tied to an SP request.
    final AuthnRequest originalAuthnRequest = retrieveSamlAuthenticationRequestFromHttpRequest(request);
    if (originalAuthnRequest == null) {
        LOGGER.error("Can not validate the request because the original Authn request can not be found.");
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    // The CAS ticket is what gets validated into an assertion below.
    final String serviceTicket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
    if (StringUtils.isBlank(serviceTicket)) {
        LOGGER.error("Can not validate the request because no [{}] is provided via the request", CasProtocolConstants.PARAMETER_TICKET);
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    final Pair<AuthnRequest, MessageContext> context = buildAuthenticationContextPair(request, originalAuthnRequest);
    final Assertion casAssertion = validateRequestAndBuildCasAssertion(response, request, context);
    buildSamlResponse(response, request, context, casAssertion);
}