
Example 6 with SAML2Configuration

use of org.pac4j.saml.config.SAML2Configuration in project cas by apereo.

the class DefaultDelegatedClientAuthenticationWebflowManagerTests method verifyExpiredTicketOperation.

@Test
public void verifyExpiredTicketOperation() throws Exception {
    val config = new SAML2Configuration();
    val client = new SAML2Client(config);
    // Storing the client creates a transient ticket; its id becomes the SAML RelayState
    // the IdP must echo back on the callback.
    val ticket = delegatedClientAuthenticationWebflowManager.store(context, client);
    assertNotNull(ticketRegistry.getTicket(ticket.getId()));
    assertEquals(ticket.getId(),
        delegatedClientDistributedSessionStore.get(context, SAML2StateGenerator.SAML_RELAY_STATE_ATTRIBUTE).get());
    // Simulate the callback: the RelayState parameter carries a ticket id that really exists...
    httpServletRequest.addParameter("RelayState", ticket.getId());
    // ...but the ticket has expired, so retrieval must fail rather than resume the flow.
    ticket.markTicketExpired();
    assertThrows(UnauthorizedServiceException.class,
        () -> delegatedClientAuthenticationWebflowManager.retrieve(requestContext, context, client));
}
Also used : lombok.val(lombok.val) SAML2Configuration(org.pac4j.saml.config.SAML2Configuration) SAML2Client(org.pac4j.saml.client.SAML2Client) Test(org.junit.jupiter.api.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 7 with SAML2Configuration

use of org.pac4j.saml.config.SAML2Configuration in project cas by apereo.

the class DefaultDelegatedClientAuthenticationWebflowManagerTests method setupTestContextFor.

private Pair<SAML2Client, SAML2MessageContext> setupTestContextFor(final String spMetadataPath, final String spEntityId) throws Exception {
    val idpMetadata = new File("src/test/resources/idp-metadata.xml").getCanonicalPath();
    val keystorePath = new File(FileUtils.getTempDirectory(), "keystore").getCanonicalPath();
    // Constructor arguments: keystore path, keystore password, private-key password, IdP metadata path.
    val saml2ClientConfiguration = new SAML2Configuration(keystorePath, "changeit", "changeit", idpMetadata);
    saml2ClientConfiguration.setServiceProviderEntityId(spEntityId);
    saml2ClientConfiguration.setServiceProviderMetadataPath(spMetadataPath);
    // Test-only: regenerate the SP keystore and SP metadata on every run instead of reusing pinned ones.
    saml2ClientConfiguration.setForceKeystoreGeneration(true);
    saml2ClientConfiguration.setForceServiceProviderMetadataGeneration(true);
    saml2ClientConfiguration.init();
    val saml2Client = new SAML2Client(saml2ClientConfiguration);
    saml2Client.setCallbackUrl("http://callback.example.org");
    saml2Client.init();
    val saml2MessageContext = new SAML2MessageContext();
    saml2MessageContext.setSaml2Configuration(saml2ClientConfiguration);
    saml2MessageContext.setWebContext(context);
    // Peer side: the IdP. Its IDPSSODescriptor is resolved from the loaded IdP metadata.
    val peer = saml2MessageContext.getMessageContext().getSubcontext(SAMLPeerEntityContext.class, true);
    assertNotNull(peer);
    peer.setEntityId("https://cas.example.org/idp");
    val md = peer.getSubcontext(SAMLMetadataContext.class, true);
    assertNotNull(md);
    val roleDescriptorResolver = new PredicateRoleDescriptorResolver(saml2Client.getIdpMetadataResolver().resolve());
    roleDescriptorResolver.initialize();
    md.setRoleDescriptor(roleDescriptorResolver.resolveSingle(new CriteriaSet(
        new EntityIdCriterion(Objects.requireNonNull(peer.getEntityId())),
        new EntityRoleCriterion(IDPSSODescriptor.DEFAULT_ELEMENT_NAME))));
    // Self side: this SP. Its SPSSODescriptor comes from the SP metadata generated above.
    val self = saml2MessageContext.getMessageContext().getSubcontext(SAMLSelfEntityContext.class, true);
    assertNotNull(self);
    self.setEntityId(saml2ClientConfiguration.getServiceProviderEntityId());
    val sp = self.getSubcontext(SAMLMetadataContext.class, true);
    assertNotNull(sp);
    val spResolver = new PredicateRoleDescriptorResolver(saml2Client.getSpMetadataResolver().resolve());
    spResolver.initialize();
    sp.setRoleDescriptor(spResolver.resolveSingle(new CriteriaSet(
        new EntityIdCriterion(Objects.requireNonNull(self.getEntityId())),
        new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME))));
    return Pair.of(saml2Client, saml2MessageContext);
}
Also used : lombok.val(lombok.val) SAML2MessageContext(org.pac4j.saml.context.SAML2MessageContext) SAML2Configuration(org.pac4j.saml.config.SAML2Configuration) CriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet) EntityIdCriterion(org.opensaml.core.criterion.EntityIdCriterion) EntityRoleCriterion(org.opensaml.saml.criterion.EntityRoleCriterion) SAML2Client(org.pac4j.saml.client.SAML2Client) PredicateRoleDescriptorResolver(org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver) File(java.io.File)

Example 8 with SAML2Configuration

use of org.pac4j.saml.config.SAML2Configuration in project knox by apache.

the class SAML2ClientConfigurationDecoratorTest method testSaml2ClientConfigurationDecoration.

@Test
public void testSaml2ClientConfigurationDecoration() throws Exception {
    final SAML2Configuration saml2Configuration = new SAML2Configuration();
    final SAML2Client client = new SAML2Client(saml2Configuration);
    // String properties as they would arrive from Knox topology configuration.
    // forceAuth and passive are both set here only to verify that each key is copied.
    final Map<String, String> properties = new HashMap<>();
    properties.put("useNameQualifier", "true");
    properties.put("forceAuth", "true");
    properties.put("passive", "true");
    properties.put("nameIdPolicyFormat", "testPolicyFormat");
    final SAML2ClientConfigurationDecorator saml2ConfigurationDecorator = new SAML2ClientConfigurationDecorator();
    saml2ConfigurationDecorator.decorateClients(Collections.singletonList(client), properties);
    // The decorator must write through to the SAML2Configuration the client was built with.
    assertTrue(saml2Configuration.isUseNameQualifier());
    assertTrue(saml2Configuration.isForceAuth());
    assertTrue(saml2Configuration.isPassive());
    assertEquals("testPolicyFormat", saml2Configuration.getNameIdPolicyFormat());
}
Also used : SAML2Configuration(org.pac4j.saml.config.SAML2Configuration) HashMap(java.util.HashMap) SAML2Client(org.pac4j.saml.client.SAML2Client) Test(org.junit.Test)
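The following is an added example, not code from CAS or Knox. It ties together the configuration construction of Example 7 and the property decoration of Example 8, but with the settings a production service provider needs rather than the test defaults: a pinned keystore instead of a regenerated one, signed requests, signature checks on responses and assertions, bounded assertion lifetime and clock skew, and an https callback. The class name HardenedSaml2ClientFactory, every path, password, entity id and URL, and the forceAuth/passive and https checks are this example's own choices; the setter names are those of the pac4j 4.x/5.x SAML2Configuration and should be checked against the pac4j version in use.

```java
import java.util.Map;

import org.pac4j.saml.client.SAML2Client;
import org.pac4j.saml.config.SAML2Configuration;

/**
 * Added example (not CAS or Knox code). Builds a SAML2Configuration the way a production
 * service provider should, then applies the same string properties the Knox decorator test
 * feeds (useNameQualifier, forceAuth, passive, nameIdPolicyFormat). Paths, passwords,
 * entity ids and the callback URL are placeholders; setter names follow pac4j 4.x/5.x.
 */
public final class HardenedSaml2ClientFactory {

    private HardenedSaml2ClientFactory() {
    }

    /**
     * Same four-argument constructor as Example 7: keystore path, keystore password,
     * private-key password, IdP metadata path. Passwords come from the caller, never literals.
     */
    public static SAML2Configuration baseConfiguration(final String keystorePath,
                                                       final String keystorePassword,
                                                       final String privateKeyPassword,
                                                       final String idpMetadataPath,
                                                       final String spEntityId,
                                                       final String spMetadataPath) {
        final SAML2Configuration cfg =
            new SAML2Configuration(keystorePath, keystorePassword, privateKeyPassword, idpMetadataPath);
        cfg.setServiceProviderEntityId(spEntityId);
        cfg.setServiceProviderMetadataPath(spMetadataPath);
        // Example 7 regenerates the keystore and SP metadata on every run, which is right for a
        // test and wrong for a deployment: the IdP pins the SP signing certificate published in
        // that metadata, so a regenerated keystore silently breaks AuthnRequest signature checks.
        cfg.setForceKeystoreGeneration(false);
        cfg.setForceServiceProviderMetadataGeneration(false);
        return cfg;
    }

    /** Settings a bare new SAML2Configuration() (Examples 6 and 8) does not give you. */
    public static SAML2Configuration harden(final SAML2Configuration cfg) {
        cfg.setAuthnRequestSigned(true);              // let the IdP verify who asked for the assertion
        cfg.setWantsAssertionsSigned(true);           // reject unsigned assertions
        cfg.setWantsResponsesSigned(true);            // and unsigned responses
        cfg.setAllSignatureValidationDisabled(false); // never ship with this flag on
        cfg.setMaximumAuthenticationLifetime(3600);   // seconds; caps how old AuthnInstant may be
        cfg.setAcceptedSkew(120);                     // seconds of clock drift tolerated on NotBefore/NotOnOrAfter
        return cfg;
    }

    /**
     * Property-to-setter mapping in the spirit of SAML2ClientConfigurationDecorator.
     * Unknown keys are ignored; anything but "true" parses as false via Boolean.parseBoolean.
     */
    public static void applyProperties(final SAML2Configuration cfg, final Map<String, String> props) {
        if (props.containsKey("useNameQualifier")) {
            cfg.setUseNameQualifier(Boolean.parseBoolean(props.get("useNameQualifier")));
        }
        if (props.containsKey("forceAuth")) {
            cfg.setForceAuth(Boolean.parseBoolean(props.get("forceAuth")));
        }
        if (props.containsKey("passive")) {
            cfg.setPassive(Boolean.parseBoolean(props.get("passive")));
        }
        if (props.containsKey("nameIdPolicyFormat")) {
            cfg.setNameIdPolicyFormat(props.get("nameIdPolicyFormat"));
        }
        // Stricter than the Knox decorator, which copies both flags as given. ForceAuthn asks the
        // IdP to re-authenticate the user; IsPassive forbids it from interacting with the user.
        // A request carrying both can only succeed if the IdP can re-authenticate silently.
        if (cfg.isForceAuth() && cfg.isPassive()) {
            throw new IllegalArgumentException("forceAuth and passive are both set; pick one");
        }
    }

    public static SAML2Client buildClient(final SAML2Configuration cfg, final String callbackUrl) {
        if (!callbackUrl.startsWith("https://")) {
            // Example 7 uses http://callback.example.org, fine for a test. In a deployment the
            // callback is the AssertionConsumerService URL that receives the SAML response.
            throw new IllegalArgumentException("callback URL must be https: " + callbackUrl);
        }
        cfg.init();
        final SAML2Client client = new SAML2Client(cfg);
        client.setCallbackUrl(callbackUrl);
        client.init();
        return client;
    }
}
```

Usage follows the order of the methods: baseConfiguration, harden, applyProperties, buildClient. Calling harden after applyProperties would be equally valid, since the two touch disjoint settings, but keeping the security settings in one place that runs unconditionally makes it harder for a stray property to weaken them.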

Aggregations

SAML2Configuration (org.pac4j.saml.config.SAML2Configuration) 8
SAML2Client (org.pac4j.saml.client.SAML2Client) 7
lombok.val (lombok.val) 6
File (java.io.File) 3
CriteriaSet (net.shibboleth.utilities.java.support.resolver.CriteriaSet) 3
EntityIdCriterion (org.opensaml.core.criterion.EntityIdCriterion) 3
EntityRoleCriterion (org.opensaml.saml.criterion.EntityRoleCriterion) 3
SAML2MessageContext (org.pac4j.saml.context.SAML2MessageContext) 3
InMemoryResourceMetadataResolver (org.apereo.cas.support.saml.InMemoryResourceMetadataResolver) 2
Test (org.junit.jupiter.api.Test) 2
JEEContext (org.pac4j.core.context.JEEContext) 2
SpringBootTest (org.springframework.boot.test.context.SpringBootTest) 2
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest) 2
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse) 2
Verb (com.github.scribejava.core.model.Verb) 1
JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm) 1
ECPrivateKey (java.security.interfaces.ECPrivateKey) 1
Period (java.time.Period) 1
Collection (java.util.Collection) 1
HashMap (java.util.HashMap) 1