Example 6 with Saml2ResponseValidatorResult

Use of org.springframework.security.saml2.core.Saml2ResponseValidatorResult in project spring-security by spring-projects.

From the class OpenSamlAuthenticationProvider, method createDefaultAssertionSignatureValidator.

private Converter<AssertionToken, Saml2ResponseValidatorResult> createDefaultAssertionSignatureValidator() {
    // SIGNATURE_REQUIRED is set to false in the ValidationContext below: an unsigned
    // assertion is not rejected by this validator, while a signature that is present
    // is still verified against the trust engine built from the registration.
    return createAssertionValidator(Saml2ErrorCodes.INVALID_SIGNATURE, (assertionToken) -> {
        RelyingPartyRegistration registration = assertionToken.getToken().getRelyingPartyRegistration();
        SignatureTrustEngine engine = OpenSamlVerificationUtils.trustEngine(registration);
        return SAML20AssertionValidators.createSignatureValidator(engine);
    }, (assertionToken) -> new ValidationContext(Collections.singletonMap(SAML2AssertionValidationParameters.SIGNATURE_REQUIRED, false)));
}
Also used: RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration), SignatureTrustEngine (org.opensaml.xmlsec.signature.support.SignatureTrustEngine), ValidationContext (org.opensaml.saml.common.assertion.ValidationContext)

Example 7 with Saml2ResponseValidatorResult

Use of org.springframework.security.saml2.core.Saml2ResponseValidatorResult in project spring-security by spring-projects.

From the class OpenSaml4AuthenticationProviderTests, method authenticateWhenCustomAssertionValidatorThenUses.

@Test
public void authenticateWhenCustomAssertionValidatorThenUses() {
    Converter<OpenSaml4AuthenticationProvider.AssertionToken, Saml2ResponseValidatorResult> validator = mock(Converter.class);
    OpenSaml4AuthenticationProvider provider = new OpenSaml4AuthenticationProvider();
    // Run the default assertion validator first, then concat the custom validator's result onto it.
    // @formatter:off
    provider.setAssertionValidator((assertionToken) -> OpenSaml4AuthenticationProvider.createDefaultAssertionValidator().convert(assertionToken).concat(validator.convert(assertionToken)));
    // @formatter:on
    Response response = response();
    Assertion assertion = assertion();
    response.getAssertions().add(assertion);
    // Sign the response with the asserting party's signing credential.
    TestOpenSamlObjects.signed(response, TestSaml2X509Credentials.assertingPartySigningCredential(), ASSERTING_PARTY_ENTITY_ID);
    Saml2AuthenticationToken token = token(response, verifying(registration()));
    // Stub the custom validator to report success.
    given(validator.convert(any(OpenSaml4AuthenticationProvider.AssertionToken.class))).willReturn(Saml2ResponseValidatorResult.success());
    provider.authenticate(token);
    // The custom validator must have been invoked during authentication.
    verify(validator).convert(any(OpenSaml4AuthenticationProvider.AssertionToken.class));
}
Also used: Response (org.opensaml.saml.saml2.core.Response), EncryptedAssertion (org.opensaml.saml.saml2.core.EncryptedAssertion), Assertion (org.opensaml.saml.saml2.core.Assertion), Saml2ResponseValidatorResult (org.springframework.security.saml2.core.Saml2ResponseValidatorResult), Test (org.junit.jupiter.api.Test)
