Example 6 with SAML2AuthnRequestBuilder

Use of org.pac4j.saml.sso.impl.SAML2AuthnRequestBuilder in project cas by apereo, in the class DefaultDelegatedClientAuthenticationWebflowManagerTests, method verifyPassiveAuthnOperation.

@Test
public void verifyPassiveAuthnOperation() throws Exception {
    val registeredService = RegisteredServiceTestUtils.getRegisteredService(UUID.randomUUID().toString());
    registeredService.setProperties(Map.of(RegisteredServiceProperty.RegisteredServiceProperties.DELEGATED_AUTHN_PASSIVE_AUTHN.getPropertyName(), new DefaultRegisteredServiceProperty("true")));
    servicesManager.save(registeredService);
    httpServletRequest.setParameter(CasProtocolConstants.PARAMETER_SERVICE, registeredService.getServiceId());
    val pair = setupTestContextFor(File.createTempFile("sp-metadata", ".xml").getAbsolutePath(), "cas.example.sp");
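    // Store the delegated-authentication state; this places a ticket in the registry.
    val ticket = delegatedClientAuthenticationWebflowManager.store(context, pair.getLeft());
    assertNotNull(ticketRegistry.getTicket(ticket.getId()));
    // The ticket id is kept in the session store as the SAML relay state.
    assertEquals(ticket.getId(), delegatedClientDistributedSessionStore.get(context, SAML2StateGenerator.SAML_RELAY_STATE_ATTRIBUTE).get());
    // The service's passive-authn property must show up as IsPassive on the built AuthnRequest.
    val builder = new SAML2AuthnRequestBuilder();
    val result = builder.build(pair.getRight());
    assertTrue(result.isPassive());
    // Simulate the return leg carrying RelayState: retrieval restores the service,
    // and the ticket is no longer in the registry afterwards.
    httpServletRequest.addParameter("RelayState", ticket.getId());
    val service = delegatedClientAuthenticationWebflowManager.retrieve(requestContext, context, pair.getLeft());
    assertNotNull(service);
    assertNull(ticketRegistry.getTicket(ticket.getId()));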
}
Also used: lombok.val (lombok.val), SAML2AuthnRequestBuilder (org.pac4j.saml.sso.impl.SAML2AuthnRequestBuilder), DefaultRegisteredServiceProperty (org.apereo.cas.services.DefaultRegisteredServiceProperty), Test (org.junit.jupiter.api.Test), SpringBootTest (org.springframework.boot.test.context.SpringBootTest)

Example 7 with SAML2AuthnRequestBuilder

Use of org.pac4j.saml.sso.impl.SAML2AuthnRequestBuilder in project cas by apereo, in the class DefaultDelegatedClientAuthenticationWebflowManagerTests, method verifyForceAuthnOperation.

@Test
public void verifyForceAuthnOperation() throws Exception {
    val registeredService = RegisteredServiceTestUtils.getRegisteredService(UUID.randomUUID().toString());
    registeredService.setProperties(Map.of(RegisteredServiceProperty.RegisteredServiceProperties.DELEGATED_AUTHN_FORCE_AUTHN.getPropertyName(), new DefaultRegisteredServiceProperty("true")));
    servicesManager.save(registeredService);
    httpServletRequest.setParameter(CasProtocolConstants.PARAMETER_SERVICE, registeredService.getServiceId());
    val pair = setupTestContextFor(File.createTempFile("sp-metadata", ".xml").getAbsolutePath(), "cas.example.sp");
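    // Store the delegated-authentication state; this places a ticket in the registry.
    val ticket = delegatedClientAuthenticationWebflowManager.store(context, pair.getLeft());
    assertNotNull(ticketRegistry.getTicket(ticket.getId()));
    // The ticket id is kept in the session store as the SAML relay state.
    assertEquals(ticket.getId(), delegatedClientDistributedSessionStore.get(context, SAML2StateGenerator.SAML_RELAY_STATE_ATTRIBUTE).get());
    // The service's force-authn property must show up as ForceAuthn on the built AuthnRequest.
    val builder = new SAML2AuthnRequestBuilder();
    val result = builder.build(pair.getRight());
    assertTrue(result.isForceAuthn());
    // Simulate the return leg carrying RelayState: retrieval restores the service,
    // and the ticket is no longer in the registry afterwards.
    httpServletRequest.addParameter("RelayState", ticket.getId());
    val service = delegatedClientAuthenticationWebflowManager.retrieve(requestContext, context, pair.getLeft());
    assertNotNull(service);
    assertNull(ticketRegistry.getTicket(ticket.getId()));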
}
Also used: lombok.val (lombok.val), SAML2AuthnRequestBuilder (org.pac4j.saml.sso.impl.SAML2AuthnRequestBuilder), DefaultRegisteredServiceProperty (org.apereo.cas.services.DefaultRegisteredServiceProperty), Test (org.junit.jupiter.api.Test), SpringBootTest (org.springframework.boot.test.context.SpringBootTest)

Example 8 with SAML2AuthnRequestBuilder

Use of org.pac4j.saml.sso.impl.SAML2AuthnRequestBuilder in project cas by apereo, in the class SamlObjectSignatureValidatorTests, method verifySamlAuthnRequestSigned.

@Test
public void verifySamlAuthnRequestSigned() throws Exception {
    val spMetadataPath = new File(FileUtils.getTempDirectory(), "sp-metadata.xml").getCanonicalPath();
    setupTestContextFor(spMetadataPath, "cas:example:sp");
    val request = new MockHttpServletRequest();
    val builder = new SAML2AuthnRequestBuilder();
    val authnRequest = builder.build(saml2MessageContext);
    // Wrap the AuthnRequest in an OpenSAML message context and attach signing
    // parameters built from the SAML2 client configuration.
    val messageContext = new MessageContext();
    messageContext.setMessage(authnRequest);
    val secContext = messageContext.getSubcontext(SecurityParametersContext.class, true);
    val provider = new DefaultSignatureSigningParametersProvider(saml2ClientConfiguration);
    Objects.requireNonNull(secContext).setSignatureSigningParameters(provider.build(adaptor.getSsoDescriptor()));
    // Sign the outbound message.
    val handler = new SAMLOutboundProtocolMessageSigningHandler();
    handler.initialize();
    handler.invoke(messageContext);
    // Validation of the signed request must complete without throwing.
    assertDoesNotThrow(new Executable() {

        @Override
        public void execute() throws Throwable {
            samlObjectSignatureValidator.verifySamlProfileRequestIfNeeded(authnRequest, adaptor, request, samlContext);
        }
    });
}
Also used: lombok.val (lombok.val), DefaultSignatureSigningParametersProvider (org.pac4j.saml.crypto.DefaultSignatureSigningParametersProvider), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), SAMLOutboundProtocolMessageSigningHandler (org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler), MessageContext (org.opensaml.messaging.context.MessageContext), SAML2MessageContext (org.pac4j.saml.context.SAML2MessageContext), Executable (org.junit.jupiter.api.function.Executable), File (java.io.File), SAML2AuthnRequestBuilder (org.pac4j.saml.sso.impl.SAML2AuthnRequestBuilder), Test (org.junit.jupiter.api.Test)

Example 9 with SAML2AuthnRequestBuilder

Use of org.pac4j.saml.sso.impl.SAML2AuthnRequestBuilder in project cas by apereo, in the class SamlObjectSignatureValidatorTests, method verifySamlAuthnRequestNotSigned.

@Test
public void verifySamlAuthnRequestNotSigned() throws Exception {
    val spMetadataPath = new File(FileUtils.getTempDirectory(), "sp-metadata.xml").getCanonicalPath();
    setupTestContextFor(spMetadataPath, "cas:example:sp");
    val request = new MockHttpServletRequest();
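    val builder = new SAML2AuthnRequestBuilder();
    val authnRequest = builder.build(saml2MessageContext);
    // No signing handler is invoked here, so the request carries no signature;
    // the test passes only if this call returns without throwing.
    samlObjectSignatureValidator.verifySamlProfileRequestIfNeeded(authnRequest, adaptor, request, samlContext);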
}
Also used: lombok.val (lombok.val), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), File (java.io.File), SAML2AuthnRequestBuilder (org.pac4j.saml.sso.impl.SAML2AuthnRequestBuilder), Test (org.junit.jupiter.api.Test)

Aggregations

lombok.val (lombok.val): 9
Test (org.junit.jupiter.api.Test): 9
SAML2AuthnRequestBuilder (org.pac4j.saml.sso.impl.SAML2AuthnRequestBuilder): 9
MessageContext (org.opensaml.messaging.context.MessageContext): 5
SAML2MessageContext (org.pac4j.saml.context.SAML2MessageContext): 5
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 4
File (java.io.File): 3
Executable (org.junit.jupiter.api.function.Executable): 3
JEEContext (org.pac4j.core.context.JEEContext): 3
DefaultRegisteredServiceProperty (org.apereo.cas.services.DefaultRegisteredServiceProperty): 2
SAMLObjectBuilder (org.opensaml.saml.common.SAMLObjectBuilder): 2
DefaultSignatureSigningParametersProvider (org.pac4j.saml.crypto.DefaultSignatureSigningParametersProvider): 2
SpringBootTest (org.springframework.boot.test.context.SpringBootTest): 2
SAMLOutboundProtocolMessageSigningHandler (org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler): 1