Examples with RequestedAuthnContext org.opensaml.saml2.core.RequestedAuthnContext used on opensource projects

Search in sources :

Example 6 with RequestedAuthnContext

use of org.opensaml.saml2.core.RequestedAuthnContext in project cas by apereo.

the class SamlIdPDelegatedAuthenticationConfigurationTests method verifyOperation.

@Test
public void verifyOperation() throws Exception {
    val service = getSamlRegisteredServiceFor("https://cassp.example.org");
    service.setId(2000);
    val authnRequest = SamlIdPTestUtils.getAuthnRequest(openSamlConfigBean, service);
    authnRequest.setForceAuthn(true);
    authnRequest.setIsPassive(true);
    var builder = (SAMLObjectBuilder) openSamlConfigBean.getBuilderFactory().getBuilder(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
    val classRef = (AuthnContextClassRef) builder.buildObject(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
    classRef.setURI("https://refeds.org/profile/mfa");
    builder = (SAMLObjectBuilder) openSamlConfigBean.getBuilderFactory().getBuilder(RequestedAuthnContext.DEFAULT_ELEMENT_NAME);
    val reqCtx = (RequestedAuthnContext) builder.buildObject(RequestedAuthnContext.DEFAULT_ELEMENT_NAME);
    reqCtx.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
    reqCtx.getAuthnContextClassRefs().add(classRef);
    authnRequest.setRequestedAuthnContext(reqCtx);
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    val webContext = new JEEContext(request, response);
    val messageContext = new MessageContext();
    messageContext.setMessage(authnRequest);
    val context = Pair.of(authnRequest, messageContext);
    SamlIdPUtils.storeSamlRequest(webContext, openSamlConfigBean, samlIdPDistributedSessionStore, context);
    val saml2Client = mock(SAML2Client.class);
    assertTrue(customizer.supports(saml2Client, webContext));
    customizer.customize(saml2Client, webContext);
    assertTrue(webContext.getRequestAttribute(RedirectionActionBuilder.ATTRIBUTE_FORCE_AUTHN).isPresent());
    assertTrue(webContext.getRequestAttribute(RedirectionActionBuilder.ATTRIBUTE_PASSIVE).isPresent());
    assertTrue(webContext.getRequestAttribute(SAML2ConfigurationContext.REQUEST_ATTR_AUTHN_CONTEXT_CLASS_REFS).isPresent());
    assertTrue(webContext.getRequestAttribute(SAML2ConfigurationContext.REQUEST_ATTR_COMPARISON_TYPE).isPresent());
}
Also used : lombok.val(lombok.val) RequestedAuthnContext(org.opensaml.saml.saml2.core.RequestedAuthnContext) SAMLObjectBuilder(org.opensaml.saml.common.SAMLObjectBuilder) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) AuthnContextClassRef(org.opensaml.saml.saml2.core.AuthnContextClassRef) JEEContext(org.pac4j.core.context.JEEContext) MessageContext(org.opensaml.messaging.context.MessageContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 7 with RequestedAuthnContext

use of org.opensaml.saml2.core.RequestedAuthnContext in project cas by apereo.

the class SamlIdPMultifactorAuthenticationTriggerTests method verifyContextMapping.

@Test
public void verifyContextMapping() throws Exception {
    val registeredService = SamlIdPTestUtils.getSamlRegisteredService();
    val service = RegisteredServiceTestUtils.getService(registeredService.getServiceId());
    val authnRequest = SamlIdPTestUtils.getAuthnRequest(openSamlConfigBean, registeredService);
    var builder = (SAMLObjectBuilder) openSamlConfigBean.getBuilderFactory().getBuilder(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
    val classRef = (AuthnContextClassRef) builder.buildObject(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
    classRef.setURI("context1");
    builder = (SAMLObjectBuilder) openSamlConfigBean.getBuilderFactory().getBuilder(RequestedAuthnContext.DEFAULT_ELEMENT_NAME);
    val reqCtx = (RequestedAuthnContext) builder.buildObject(RequestedAuthnContext.DEFAULT_ELEMENT_NAME);
    reqCtx.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
    reqCtx.getAuthnContextClassRefs().add(classRef);
    authnRequest.setRequestedAuthnContext(reqCtx);
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    val messageContext = new MessageContext();
    messageContext.setMessage(authnRequest);
    val context = Pair.of(authnRequest, messageContext);
    SamlIdPUtils.storeSamlRequest(new JEEContext(request, response), openSamlConfigBean, samlIdPDistributedSessionStore, context);
    assertTrue(samlIdPMultifactorAuthenticationTrigger.supports(request, registeredService, RegisteredServiceTestUtils.getAuthentication(), service));
    val result = samlIdPMultifactorAuthenticationTrigger.isActivated(RegisteredServiceTestUtils.getAuthentication(), registeredService, request, response, service);
    assertTrue(result.isPresent());
}
Also used : lombok.val(lombok.val) RequestedAuthnContext(org.opensaml.saml.saml2.core.RequestedAuthnContext) SAMLObjectBuilder(org.opensaml.saml.common.SAMLObjectBuilder) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) AuthnContextClassRef(org.opensaml.saml.saml2.core.AuthnContextClassRef) JEEContext(org.pac4j.core.context.JEEContext) MessageContext(org.opensaml.messaging.context.MessageContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 8 with RequestedAuthnContext

use of org.opensaml.saml2.core.RequestedAuthnContext in project verify-hub by alphagov.

the class IdaAuthnRequestFromHubToAuthnRequestTransformerTest method shouldMaintainTheAuthnContextsInPreferenceOrder.

@Test
public void shouldMaintainTheAuthnContextsInPreferenceOrder() {
    IdaAuthnRequestFromHub originalRequestFromHub = anIdaAuthnRequest().withLevelsOfAssurance(Arrays.asList(AuthnContext.LEVEL_1, AuthnContext.LEVEL_2)).buildFromHub();
    AuthnRequest transformedRequest = transformer.apply(originalRequestFromHub);
    RequestedAuthnContext requestedAuthnContext = transformedRequest.getRequestedAuthnContext();
    List<AuthnContextClassRef> authnContextClassRefs = requestedAuthnContext.getAuthnContextClassRefs();
    List<String> authnContexts = authnContextClassRefs.stream().map(AuthnContextClassRef::getAuthnContextClassRef).collect(Collectors.toList());
    assertThat(authnContexts).containsSequence(IdaAuthnContext.LEVEL_1_AUTHN_CTX, IdaAuthnContext.LEVEL_2_AUTHN_CTX);
}
Also used : IdaAuthnRequestFromHub(uk.gov.ida.saml.hub.domain.IdaAuthnRequestFromHub) RequestedAuthnContext(org.opensaml.saml.saml2.core.RequestedAuthnContext) IdaAuthnRequestBuilder.anIdaAuthnRequest(uk.gov.ida.saml.hub.test.builders.IdaAuthnRequestBuilder.anIdaAuthnRequest) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) AuthnContextClassRef(org.opensaml.saml.saml2.core.AuthnContextClassRef) Test(org.junit.jupiter.api.Test)

Example 9 with RequestedAuthnContext

use of org.opensaml.saml2.core.RequestedAuthnContext in project verify-hub by alphagov.

the class IdaAuthnRequestFromHubToAuthnRequestTransformerTest method shouldCorrectlyMapLevelsOfAssurance.

@Test
public void shouldCorrectlyMapLevelsOfAssurance() {
    List<AuthnContext> levelsOfAssurance = Arrays.asList(AuthnContext.LEVEL_1, AuthnContext.LEVEL_2);
    List<String> expected = Arrays.asList(IdaAuthnContext.LEVEL_1_AUTHN_CTX, IdaAuthnContext.LEVEL_2_AUTHN_CTX);
    IdaAuthnRequestFromHub originalRequestFromHub = anIdaAuthnRequest().withLevelsOfAssurance(levelsOfAssurance).buildFromHub();
    AuthnRequest transformedRequest = transformer.apply(originalRequestFromHub);
    RequestedAuthnContext requestedAuthnContext = transformedRequest.getRequestedAuthnContext();
    List<String> actual = requestedAuthnContext.getAuthnContextClassRefs().stream().map(AuthnContextClassRef::getAuthnContextClassRef).collect(Collectors.toList());
    assertThat(actual).containsAll(expected);
}
Also used : IdaAuthnRequestFromHub(uk.gov.ida.saml.hub.domain.IdaAuthnRequestFromHub) RequestedAuthnContext(org.opensaml.saml.saml2.core.RequestedAuthnContext) IdaAuthnRequestBuilder.anIdaAuthnRequest(uk.gov.ida.saml.hub.test.builders.IdaAuthnRequestBuilder.anIdaAuthnRequest) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) RequestedAuthnContext(org.opensaml.saml.saml2.core.RequestedAuthnContext) AuthnContext(uk.gov.ida.saml.core.domain.AuthnContext) IdaAuthnContext(uk.gov.ida.saml.core.extensions.IdaAuthnContext) Test(org.junit.jupiter.api.Test)

Example 10 with RequestedAuthnContext

use of org.opensaml.saml2.core.RequestedAuthnContext in project cas by apereo.

the class DefaultAuthnContextClassRefBuilder method build.

@Override
public String build(final Object assertion, final RequestAbstractType authnRequest, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final SamlRegisteredService service) {
    if (StringUtils.isNotBlank(service.getRequiredAuthenticationContextClass())) {
        LOGGER.debug("Using [{}] as indicated by SAML registered service [{}]", service.getRequiredAuthenticationContextClass(), service.getName());
        return service.getRequiredAuthenticationContextClass();
    }
    final String defClass = StringUtils.defaultIfBlank(casProperties.getAuthn().getSamlIdp().getResponse().getDefaultAuthenticationContextClass(), AuthnContext.PPT_AUTHN_CTX);
    final RequestedAuthnContext requestedAuthnContext = (authnRequest instanceof AuthnRequest) ? AuthnRequest.class.cast(authnRequest).getRequestedAuthnContext() : null;
    if (requestedAuthnContext == null) {
        LOGGER.debug("No specific authN context is requested. Returning [{}]", defClass);
        return defClass;
    }
    final List<AuthnContextClassRef> authnContextClassRefs = requestedAuthnContext.getAuthnContextClassRefs();
    if (authnContextClassRefs == null || authnContextClassRefs.isEmpty()) {
        LOGGER.debug("Requested authN context class ref is unspecified. Returning [{}]", defClass);
        return defClass;
    }
    final String finalCtx = StringUtils.defaultIfBlank(getAuthenticationContextByAssertion(assertion, requestedAuthnContext, authnContextClassRefs), defClass);
    LOGGER.debug("Returning authN context [{}]", finalCtx);
    return finalCtx;
}
Also used : RequestedAuthnContext(org.opensaml.saml.saml2.core.RequestedAuthnContext) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) AuthnContextClassRef(org.opensaml.saml.saml2.core.AuthnContextClassRef)

Aggregations

RequestedAuthnContext (org.opensaml.saml.saml2.core.RequestedAuthnContext)16 AuthnContextClassRef (org.opensaml.saml.saml2.core.AuthnContextClassRef)13 AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)10 Test (org.junit.jupiter.api.Test)5 NameIDPolicy (org.opensaml.saml.saml2.core.NameIDPolicy)5 Issuer (org.opensaml.saml.saml2.core.Issuer)4 IdaAuthnRequestFromHub (uk.gov.ida.saml.hub.domain.IdaAuthnRequestFromHub)4 lombok.val (lombok.val)3 DateTime (org.joda.time.DateTime)3 SAMLObjectBuilder (org.opensaml.saml.common.SAMLObjectBuilder)3 AuthnContextClassRefBuilder (org.opensaml.saml.saml2.core.impl.AuthnContextClassRefBuilder)3 IdaAuthnRequestBuilder.anIdaAuthnRequest (uk.gov.ida.saml.hub.test.builders.IdaAuthnRequestBuilder.anIdaAuthnRequest)3 XMLObject (org.opensaml.core.xml.XMLObject)2 MessageContext (org.opensaml.messaging.context.MessageContext)2 RequestedAuthnContextBuilder (org.opensaml.saml.saml2.core.impl.RequestedAuthnContextBuilder)2 JEEContext (org.pac4j.core.context.JEEContext)2 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)2 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)2 Inject (com.google.inject.Inject)1 StringReader (java.io.StringReader)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial