Examples with Status org.opensaml.saml2.core.Status used on opensource projects

Example 6 with Status

use of org.opensaml.saml2.core.Status in project verify-hub by alphagov.

the class MatchingServiceResponseTranslatorResourceTest method shouldReturnADtoWhenResponseIs_NoMatch.

@Test
public void shouldReturnADtoWhenResponseIs_NoMatch() throws Exception {
    final String requestId = "requestId";
    final String msaStatusCode = SamlStatusCode.NO_MATCH;
    final Status status = aStatus().withStatusCode(aStatusCode().withSubStatusCode(aStatusCode().withValue(msaStatusCode).build()).withValue(RESPONDER).build()).build();
    final SamlResponseDto samlResponseDto = new SamlResponseDto(Base64.encodeAsString(aValidNoMatchResponseFromMatchingService(requestId, status, TEST_RP_MS)));
    Response clientResponse = postToSamlEngine(samlResponseDto);
    assertThat(clientResponse.getStatus()).isEqualTo(Response.Status.OK.getStatusCode());
    InboundResponseFromMatchingServiceDto inboundResponseFromMatchingServiceDto = clientResponse.readEntity(InboundResponseFromMatchingServiceDto.class);
    assertThat(inboundResponseFromMatchingServiceDto.getIssuer()).isEqualTo(TEST_RP_MS);
    assertThat(inboundResponseFromMatchingServiceDto.getInResponseTo()).isEqualTo(requestId);
    assertThat(inboundResponseFromMatchingServiceDto.getStatus().name()).isEqualTo(MatchingServiceIdaStatus.NoMatchingServiceMatchFromMatchingService.name());
    assertThat(inboundResponseFromMatchingServiceDto.getLevelOfAssurance().isPresent()).isFalse();
    assertThat(inboundResponseFromMatchingServiceDto.getUnderlyingMatchingServiceAssertionBlob().isPresent()).isFalse();
}

Example 7 with Status

use of org.opensaml.saml2.core.Status in project verify-hub by alphagov.

the class MatchingServiceResponseTranslatorResourceTest method shouldNotReturnADtoResponse_WhenBadlySigned_NoMatch.

@Test
public void shouldNotReturnADtoResponse_WhenBadlySigned_NoMatch() throws Exception {
    final String requestId = "requestId";
    final String msaStatusCode = SamlStatusCode.NO_MATCH;
    final Status status = aStatus().withStatusCode(aStatusCode().withSubStatusCode(aStatusCode().withValue(msaStatusCode).build()).withValue(RESPONDER).build()).build();
    final SamlResponseDto samlResponseDto = new SamlResponseDto(Base64.encodeAsString(aValidNoMatchResponseFromMatchingServiceisBadlySigned(requestId, status, TEST_RP_MS)));
    Response clientResponse = postToSamlEngine(samlResponseDto);
    assertThat(clientResponse.getStatus()).isEqualTo(Response.Status.BAD_REQUEST.getStatusCode());
    ErrorStatusDto errorStatusDto = clientResponse.readEntity(ErrorStatusDto.class);
    assertThat(errorStatusDto.getExceptionType()).isEqualTo(ExceptionType.INVALID_SAML);
}

Example 8 with Status

use of org.opensaml.saml2.core.Status in project cas by apereo.

the class Saml10ObjectBuilder method newStatus.

/**
 * Create a new SAML status object.
 *
 * @param codeValue     the code value
 * @param statusMessage the status message
 * @return the status
 */
public Status newStatus(final QName codeValue, final String statusMessage) {
    final Status status = newSamlObject(Status.class);
    final StatusCode code = newSamlObject(StatusCode.class);
    code.setValue(codeValue);
    status.setStatusCode(code);
    if (StringUtils.isNotBlank(statusMessage)) {
        final StatusMessage message = newSamlObject(StatusMessage.class);
        message.setMessage(statusMessage);
        status.setStatusMessage(message);
    }
    return status;
}

Example 9 with Status

use of org.opensaml.saml2.core.Status in project cas by apereo.

the class SamlProfileSaml2ResponseBuilder method buildResponse.

@Override
public Response buildResponse(final Assertion assertion, final Object casAssertion, final RequestAbstractType authnRequest, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final HttpServletRequest request, final HttpServletResponse response, final String binding) throws SamlException {
    final String id = '_' + String.valueOf(Math.abs(RandomUtils.getNativeInstance().nextLong()));
    Response samlResponse = newResponse(id, ZonedDateTime.now(ZoneOffset.UTC), authnRequest.getID(), null);
    samlResponse.setVersion(SAMLVersion.VERSION_20);
    samlResponse.setIssuer(buildEntityIssuer());
    if (casProperties.getAuthn().getSamlIdp().isAttributeQueryProfileEnabled()) {
        storeAttributeQueryTicketInRegistry(assertion, request, adaptor);
    }
    final SAMLObject finalAssertion = encryptAssertion(assertion, request, response, service, adaptor);
    if (finalAssertion instanceof EncryptedAssertion) {
        LOGGER.debug("Built assertion is encrypted, so the response will add it to the encrypted assertions collection");
        samlResponse.getEncryptedAssertions().add(EncryptedAssertion.class.cast(finalAssertion));
    } else {
        LOGGER.debug("Built assertion is not encrypted, so the response will add it to the assertions collection");
        samlResponse.getAssertions().add(Assertion.class.cast(finalAssertion));
    }
    final Status status = newStatus(StatusCode.SUCCESS, null);
    samlResponse.setStatus(status);
    SamlUtils.logSamlObject(this.configBean, samlResponse);
    if (service.isSignResponses()) {
        LOGGER.debug("SAML entity id [{}] indicates that SAML responses should be signed", adaptor.getEntityId());
        samlResponse = this.samlObjectSigner.encode(samlResponse, service, adaptor, response, request, binding);
        SamlUtils.logSamlObject(configBean, samlResponse);
    }
    return samlResponse;
}

Example 10 with Status

use of org.opensaml.saml2.core.Status in project cxf by apache.

the class CombinedValidatorTest method createResponse.

private Response createResponse(Document doc) throws Exception {
    Status status = SAML2PResponseComponentBuilder.createStatus(SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null);
    Response response = SAML2PResponseComponentBuilder.createSAMLResponse("http://cxf.apache.org/saml", "http://cxf.apache.org/issuer", status);
    response.setDestination("http://recipient.apache.org");
    // Create an AuthenticationAssertion
    SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
    callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
    callbackHandler.setIssuer("http://cxf.apache.org/issuer");
    callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
    callbackHandler.setSubjectName("alice");
    SubjectConfirmationDataBean subjectConfirmationData = new SubjectConfirmationDataBean();
    subjectConfirmationData.setAddress("http://apache.org");
    subjectConfirmationData.setInResponseTo("12345");
    subjectConfirmationData.setNotAfter(new DateTime().plusMinutes(5));
    subjectConfirmationData.setRecipient("http://recipient.apache.org");
    callbackHandler.setSubjectConfirmationData(subjectConfirmationData);
    ConditionsBean conditions = new ConditionsBean();
    conditions.setNotBefore(new DateTime());
    conditions.setNotAfter(new DateTime().plusMinutes(5));
    AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
    audienceRestriction.setAudienceURIs(Collections.singletonList("http://service.apache.org"));
    conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
    callbackHandler.setConditions(conditions);
    SAMLCallback samlCallback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
    SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
    Crypto issuerCrypto = new Merlin();
    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    ClassLoader loader = Loader.getClassLoader(CombinedValidatorTest.class);
    InputStream input = Merlin.loadInputStream(loader, "alice.jks");
    keyStore.load(input, "password".toCharArray());
    ((Merlin) issuerCrypto).setKeyStore(keyStore);
    assertion.signAssertion("alice", "password", issuerCrypto, false);
    response.getAssertions().add(assertion.getSaml2());
    return response;
}