use of org.opensaml.saml2.core.EncryptedAssertion in project verify-hub by alphagov.
the class AssertionDecrypter method decryptAssertion.
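/**
 * Decodes a Base64-encoded encrypted assertion, parses the result as XML, unmarshalls it
 * into an {@link EncryptedAssertion} and returns the decrypted {@link Assertion}.
 *
 * <p>The decoded bytes are interpreted as UTF-8 explicitly, so the XML handed to the
 * parser does not depend on the JVM's default charset.
 *
 * @param base64EncodedBlob Base64 text of the encrypted assertion XML
 * @return the assertion returned by {@code decrypt} for the unmarshalled element
 */
public Assertion decryptAssertion(String base64EncodedBlob) {
    byte[] decodedXml = Base64.decodeBase64(base64EncodedBlob);
    // new String(byte[]) without a charset uses the platform default (pre-Java 18), which can
    // alter non-ASCII content before it is parsed; pin the encoding instead.
    String assertionXml = new String(decodedXml, java.nio.charset.StandardCharsets.UTF_8);
    // NOTE(review): parseXml is not visible here. If the blob can originate outside the trust
    // boundary, confirm the parser behind it disables DTDs and external entities.
    Element assertionElement = parseXml(assertionXml);
    EncryptedAssertion encryptedAssertion = unmarshall(assertionElement);
    return decrypt(encryptedAssertion);
}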
use of org.opensaml.saml2.core.EncryptedAssertion in project verify-hub by alphagov.
the class EncryptedResponseFromIdpValidatorTest method validate_shouldThrowIfResponseContainsTooManyAssertions.
/**
 * Adds one more encrypted assertion to a response builder that already carries two and
 * checks that validation fails with the "unexpected number of assertions" error.
 */
@Test
public void validate_shouldThrowIfResponseContainsTooManyAssertions() throws Exception {
    // Build the extra assertion first, then attach it to the two-assertion response.
    EncryptedAssertion extraAssertion = anAssertion().build();
    Response oversizedResponse =
            getResponseBuilderWithTwoAssertions()
                    .addEncryptedAssertion(extraAssertion)
                    .build();

    // presumably (2, 3) is expected-vs-actual count; verify against unexpectedNumberOfAssertions
    assertValidationFailure(oversizedResponse, unexpectedNumberOfAssertions(2, 3));
}
use of org.opensaml.saml2.core.EncryptedAssertion in project verify-hub by alphagov.
the class EncryptedAssertionUnmarshaller method transform.
/**
 * Converts an assertion string into an {@link EncryptedAssertion} using
 * {@code stringAssertionTransformer} and detaches the result before returning it.
 *
 * @param assertionString the serialized assertion passed to the transformer
 * @return the transformed assertion, after {@code detach()} has been called on it
 */
public EncryptedAssertion transform(String assertionString) {
    final EncryptedAssertion unmarshalled = stringAssertionTransformer.apply(assertionString);
    // detach() is called so the returned object is no longer bound to its parent
    // (presumably the document it was unmarshalled from; confirm against OpenSAML).
    unmarshalled.detach();
    return unmarshalled;
}
use of org.opensaml.saml2.core.EncryptedAssertion in project spring-security by spring-projects.
the class OpenSamlAuthenticationProviderTests method authenticateWhenDecryptionKeysAreWrongThenThrowAuthenticationException.
/**
 * Encrypts an assertion with the asserting party's encrypting credential, registers the
 * asserting party's private credential as the decryption credential, and expects
 * authentication to fail with {@code Saml2ErrorCodes.DECRYPTION_ERROR}.
 */
@Test
public void authenticateWhenDecryptionKeysAreWrongThenThrowAuthenticationException() {
    Response samlResponse = response();
    EncryptedAssertion encrypted = TestOpenSamlObjects.encrypted(
            assertion(),
            TestSaml2X509Credentials.assertingPartyEncryptingCredential());
    samlResponse.getEncryptedAssertions().add(encrypted);
    // The response itself is signed, so the failure asserted below is about decryption.
    TestOpenSamlObjects.signed(
            samlResponse,
            TestSaml2X509Credentials.assertingPartySigningCredential(),
            RELYING_PARTY_ENTITY_ID);

    // The decryption credential registered here is the one the test name calls "wrong".
    Saml2AuthenticationToken authToken = token(
            samlResponse,
            registration().decryptionX509Credentials(
                    (credentials) -> credentials.add(
                            TestSaml2X509Credentials.assertingPartyPrivateCredential())));

    assertThatExceptionOfType(Saml2AuthenticationException.class)
            .isThrownBy(() -> this.provider.authenticate(authToken))
            .satisfies(errorOf(Saml2ErrorCodes.DECRYPTION_ERROR, "Failed to decrypt EncryptedData"));
}
use of org.opensaml.saml2.core.EncryptedAssertion in project spring-security by spring-projects.
the class OpenSamlAuthenticationProviderTests method writeObjectWhenTypeIsSaml2AuthenticationThenNoException.
/**
 * Authenticates a signed response carrying a signed, encrypted assertion and then writes
 * the resulting {@code Saml2Authentication} to an {@link ObjectOutputStream}; the test
 * passes if serialization completes without throwing.
 */
@Test
public void writeObjectWhenTypeIsSaml2AuthenticationThenNoException() throws IOException {
    Response samlResponse = response();
    // Sign the assertion first, then encrypt the signed assertion.
    Assertion signedAssertion = TestOpenSamlObjects.signed(
            assertion(),
            TestSaml2X509Credentials.assertingPartySigningCredential(),
            RELYING_PARTY_ENTITY_ID);
    EncryptedAssertion encrypted = TestOpenSamlObjects.encrypted(
            signedAssertion,
            TestSaml2X509Credentials.assertingPartyEncryptingCredential());
    samlResponse.getEncryptedAssertions().add(encrypted);
    TestOpenSamlObjects.signed(
            samlResponse,
            TestSaml2X509Credentials.assertingPartySigningCredential(),
            RELYING_PARTY_ENTITY_ID);

    Saml2AuthenticationToken authToken = token(samlResponse, decrypting(verifying(registration())));
    Saml2Authentication result = (Saml2Authentication) this.provider.authenticate(authToken);

    // writeObject throws if the authentication object is not serializable
    ObjectOutputStream sink = new ObjectOutputStream(new ByteArrayOutputStream(1024));
    sink.writeObject(result);
    sink.flush();
}