use of org.pac4j.saml.crypto.DefaultSignatureSigningParametersProvider in project cas by apereo.
the class SamlObjectSignatureValidatorTests method verifySamlAuthnRequestWithoutSig.
@Test
public void verifySamlAuthnRequestWithoutSig() throws Exception {
val spMetadataPath = new File(FileUtils.getTempDirectory(), "sp-metadata.xml").getCanonicalPath();
setupTestContextFor(spMetadataPath, "cas:example:sp");
val request = new MockHttpServletRequest();
val builder = new SAML2AuthnRequestBuilder();
val authnRequest = builder.build(saml2MessageContext);
val messageContext = new MessageContext();
messageContext.setMessage(authnRequest);
val secContext = messageContext.getSubcontext(SecurityParametersContext.class, true);
val provider = new DefaultSignatureSigningParametersProvider(saml2ClientConfiguration);
Objects.requireNonNull(secContext).setSignatureSigningParameters(provider.build(adaptor.getSsoDescriptor()));
assertDoesNotThrow(new Executable() {
@Override
public void execute() throws Throwable {
samlObjectSignatureValidator.verifySamlProfileRequestIfNeeded(authnRequest, adaptor, request, samlContext);
}
});
}
use of org.pac4j.saml.crypto.DefaultSignatureSigningParametersProvider in project cas by apereo.
the class SamlObjectSignatureValidatorTests method verifySamlAuthnRequestSigned.
@Test
public void verifySamlAuthnRequestSigned() throws Exception {
val spMetadataPath = new File(FileUtils.getTempDirectory(), "sp-metadata.xml").getCanonicalPath();
setupTestContextFor(spMetadataPath, "cas:example:sp");
val request = new MockHttpServletRequest();
val builder = new SAML2AuthnRequestBuilder();
val authnRequest = builder.build(saml2MessageContext);
val messageContext = new MessageContext();
messageContext.setMessage(authnRequest);
val secContext = messageContext.getSubcontext(SecurityParametersContext.class, true);
val provider = new DefaultSignatureSigningParametersProvider(saml2ClientConfiguration);
Objects.requireNonNull(secContext).setSignatureSigningParameters(provider.build(adaptor.getSsoDescriptor()));
val handler = new SAMLOutboundProtocolMessageSigningHandler();
handler.initialize();
handler.invoke(messageContext);
assertDoesNotThrow(new Executable() {
@Override
public void execute() throws Throwable {
samlObjectSignatureValidator.verifySamlProfileRequestIfNeeded(authnRequest, adaptor, request, samlContext);
}
});
}
Aggregations