Example 26 with Response

Use of org.opensaml.saml2.core.Response in project spring-security by spring-projects.

In class OpenSamlAuthenticationProviderTests, method authenticateWhenOpenSAMLValidationErrorThenThrowAuthenticationException.

@Test
public void authenticateWhenOpenSAMLValidationErrorThenThrowAuthenticationException() {
    Response response = response();
    Assertion assertion = assertion();
    // Back-date the subject confirmation's NotOnOrAfter by three days so it has already passed.
    assertion.getSubject().getSubjectConfirmations().get(0).getSubjectConfirmationData()
            .setNotOnOrAfter(DateTime.now().minus(Duration.standardDays(3)));
    // Sign the assertion with the asserting party's signing credential.
    TestOpenSamlObjects.signed(assertion, TestSaml2X509Credentials.assertingPartySigningCredential(), RELYING_PARTY_ENTITY_ID);
    response.getAssertions().add(assertion);
    Saml2AuthenticationToken token = token(response, verifying(registration()));
    // Authentication must fail with INVALID_ASSERTION.
    assertThatExceptionOfType(Saml2AuthenticationException.class)
            .isThrownBy(() -> this.provider.authenticate(token))
            .satisfies(errorOf(Saml2ErrorCodes.INVALID_ASSERTION));
}
Also used: Response (org.opensaml.saml.saml2.core.Response), EncryptedAssertion (org.opensaml.saml.saml2.core.EncryptedAssertion), Assertion (org.opensaml.saml.saml2.core.Assertion), Test (org.junit.jupiter.api.Test)

Example 27 with Response

Use of org.opensaml.saml2.core.Response in project spring-security by spring-projects.

In class OpenSamlAuthenticationProviderTests, method response.

private Response response(String destination, String issuerEntityId) {
    Response response = TestOpenSamlObjects.response(destination, issuerEntityId);
    // Set IssueInstant to the current time.
    response.setIssueInstant(DateTime.now());
    return response;
}
Also used: Response (org.opensaml.saml.saml2.core.Response)

Example 28 with Response

Use of org.opensaml.saml2.core.Response in project spring-security by spring-projects.

In class OpenSamlAuthenticationProviderTests, method authenticateWhenCustomAssertionElementsDecrypterThenDecryptsAssertion.

@Test
public void authenticateWhenCustomAssertionElementsDecrypterThenDecryptsAssertion() {
    Response response = response();
    Assertion assertion = assertion();
    // Give the subject an EncryptedID whose EncryptedData is an empty placeholder.
    EncryptedID id = new EncryptedIDBuilder().buildObject();
    id.setEncryptedData(new EncryptedDataBuilder().buildObject());
    assertion.getSubject().setEncryptedID(id);
    TestOpenSamlObjects.signed(assertion, TestSaml2X509Credentials.assertingPartySigningCredential(), RELYING_PARTY_ENTITY_ID);
    response.getAssertions().add(assertion);
    Saml2AuthenticationToken token = token(response, verifying(registration()));
    // Custom decrypter: sets a fixed NameID on the assertion's subject.
    this.provider.setAssertionElementsDecrypter((tuple) -> {
        NameID name = new NameIDBuilder().buildObject();
        name.setValue("decrypted name");
        tuple.getAssertion().getSubject().setNameID(name);
    });
    Authentication authentication = this.provider.authenticate(token);
    // The authenticated principal name is the NameID set by the custom decrypter.
    assertThat(authentication.getName()).isEqualTo("decrypted name");
}
Also used: Response (org.opensaml.saml.saml2.core.Response), NameIDBuilder (org.opensaml.saml.saml2.core.impl.NameIDBuilder), EncryptedIDBuilder (org.opensaml.saml.saml2.core.impl.EncryptedIDBuilder), EncryptedDataBuilder (org.opensaml.xmlsec.encryption.impl.EncryptedDataBuilder), NameID (org.opensaml.saml.saml2.core.NameID), Authentication (org.springframework.security.core.Authentication), EncryptedAssertion (org.opensaml.saml.saml2.core.EncryptedAssertion), Assertion (org.opensaml.saml.saml2.core.Assertion), EncryptedID (org.opensaml.saml.saml2.core.EncryptedID), Test (org.junit.jupiter.api.Test)

Example 29 with Response

Use of org.opensaml.saml2.core.Response in project spring-security by spring-projects.

In class OpenSamlAuthenticationProviderTests, method authenticateWhenEncryptedAssertionWithResponseSignatureThenItSucceeds.

@Test
public void authenticateWhenEncryptedAssertionWithResponseSignatureThenItSucceeds() {
    Response response = response();
    // Encrypt the assertion with the asserting party's encrypting credential.
    EncryptedAssertion encryptedAssertion = TestOpenSamlObjects.encrypted(assertion(), TestSaml2X509Credentials.assertingPartyEncryptingCredential());
    response.getEncryptedAssertions().add(encryptedAssertion);
    // The signature is applied to the enclosing Response.
    TestOpenSamlObjects.signed(response, TestSaml2X509Credentials.assertingPartySigningCredential(), RELYING_PARTY_ENTITY_ID);
    Saml2AuthenticationToken token = token(response, decrypting(verifying(registration())));
    // The test passes if authenticate() completes without throwing.
    this.provider.authenticate(token);
}
Also used: Response (org.opensaml.saml.saml2.core.Response), EncryptedAssertion (org.opensaml.saml.saml2.core.EncryptedAssertion), Test (org.junit.jupiter.api.Test)

Example 30 with Response

Use of org.opensaml.saml2.core.Response in project spring-security by spring-projects.

In class OpenSamlSigningUtilsTests, method whenSigningAnObjectThenKeyInfoIsPartOfTheSignature.

@Test
public void whenSigningAnObjectThenKeyInfoIsPartOfTheSignature() throws Exception {
    Response response = TestOpenSamlObjects.response();
    OpenSamlSigningUtils.sign(response, this.registration);
    Signature signature = response.getSignature();
    // After signing, the Response carries a Signature that includes KeyInfo.
    assertThat(signature).isNotNull();
    assertThat(signature.getKeyInfo()).isNotNull();
}
Also used: Response (org.opensaml.saml.saml2.core.Response), Signature (org.opensaml.xmlsec.signature.Signature), Test (org.junit.jupiter.api.Test)

Aggregations

Response (org.opensaml.saml.saml2.core.Response): 245
Test (org.junit.jupiter.api.Test): 148
ResponseBuilder.aResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse): 84
Assertion (org.opensaml.saml.saml2.core.Assertion): 62
EncryptedAssertion (org.opensaml.saml.saml2.core.EncryptedAssertion): 51
Element (org.w3c.dom.Element): 44
Status (org.opensaml.saml.saml2.core.Status): 37
DateTime (org.joda.time.DateTime): 36
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException): 31
Document (org.w3c.dom.Document): 31
SamlAssertionWrapper (org.apache.wss4j.common.saml.SamlAssertionWrapper): 26
SAMLCallback (org.apache.wss4j.common.saml.SAMLCallback): 19
SubjectConfirmationDataBean (org.apache.wss4j.common.saml.bean.SubjectConfirmationDataBean): 19
SamlValidationResponse (uk.gov.ida.saml.core.validation.SamlValidationResponse): 19
IdpIdaStatus (uk.gov.ida.saml.hub.domain.IdpIdaStatus): 18
Authentication (org.springframework.security.core.Authentication): 16
ResponseValidatorTestHelper.createStatus (uk.gov.ida.saml.hub.validators.response.helpers.ResponseValidatorTestHelper.createStatus): 16
Crypto (org.apache.wss4j.common.crypto.Crypto): 15
NameID (org.opensaml.saml.saml2.core.NameID): 14
AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement): 13