Examples with Saml2X509Credential - org.springframework.security.saml2.core.Saml2X509Credential

Example 26 with Saml2X509Credential

use of org.springframework.security.saml2.core.Saml2X509Credential in project spring-security by spring-projects.

the class TestOpenSamlObjects method encrypted.

static EncryptedAttribute encrypted(String name, String value, Saml2X509Credential credential) {
    Attribute attribute = attribute(name, value);
    X509Certificate certificate = credential.getCertificate();
    Encrypter encrypter = getEncrypter(certificate);
    try {
        return encrypter.encrypt(attribute);
    } catch (EncryptionException ex) {
        throw new Saml2Exception("Unable to encrypt nameID.", ex);
    }
}

Also used : Encrypter(org.opensaml.saml.saml2.encryption.Encrypter) Attribute(org.opensaml.saml.saml2.core.Attribute) EncryptedAttribute(org.opensaml.saml.saml2.core.EncryptedAttribute) EncryptionException(org.opensaml.xmlsec.encryption.support.EncryptionException) Saml2Exception(org.springframework.security.saml2.Saml2Exception) X509Certificate(java.security.cert.X509Certificate)

Example 27 with Saml2X509Credential

use of org.springframework.security.saml2.core.Saml2X509Credential in project spring-security by spring-projects.

the class OpenSaml4AuthenticationRequestFactoryTests method createRedirectAuthenticationRequestWhenSignRequestThenCredentialIsRequired.

@Test
public void createRedirectAuthenticationRequestWhenSignRequestThenCredentialIsRequired() {
    Saml2X509Credential credential = org.springframework.security.saml2.core.TestSaml2X509Credentials.relyingPartyVerifyingCredential();
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.noCredentials().assertingPartyDetails((party) -> party.verificationX509Credentials((c) -> c.add(credential))).build();
    this.context = this.contextBuilder.relayState("Relay State Value").relyingPartyRegistration(registration).build();
    assertThatExceptionOfType(Saml2Exception.class).isThrownBy(() -> this.factory.createPostAuthenticationRequest(this.context));
}

Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) BeforeEach(org.junit.jupiter.api.BeforeEach) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) AuthnRequestUnmarshaller(org.opensaml.saml.saml2.core.impl.AuthnRequestUnmarshaller) ByteArrayInputStream(java.io.ByteArrayInputStream) BDDMockito.given(org.mockito.BDDMockito.given) Document(org.w3c.dom.Document) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) SignatureConstants(org.opensaml.xmlsec.signature.support.SignatureConstants) SAMLConstants(org.opensaml.saml.common.xml.SAMLConstants) Converter(org.springframework.core.convert.converter.Converter) Saml2Exception(org.springframework.security.saml2.Saml2Exception) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) Instant(java.time.Instant) StandardCharsets(java.nio.charset.StandardCharsets) XMLObjectProviderRegistrySupport(org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) Element(org.w3c.dom.Element) TestSaml2X509Credentials(org.springframework.security.saml2.credentials.TestSaml2X509Credentials) Assertions(org.junit.jupiter.api.Assertions) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) Mockito.mock(org.mockito.Mockito.mock) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) Saml2Exception(org.springframework.security.saml2.Saml2Exception) Test(org.junit.jupiter.api.Test)

Example 28 with Saml2X509Credential

use of org.springframework.security.saml2.core.Saml2X509Credential in project spring-security by spring-projects.

the class OpenSaml4AuthenticationRequestFactoryTests method createPostAuthenticationRequestWhenSignRequestThenCredentialIsRequired.

@Test
public void createPostAuthenticationRequestWhenSignRequestThenCredentialIsRequired() {
    Saml2X509Credential credential = org.springframework.security.saml2.core.TestSaml2X509Credentials.relyingPartyVerifyingCredential();
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.noCredentials().assertingPartyDetails((party) -> party.verificationX509Credentials((c) -> c.add(credential))).build();
    this.context = this.contextBuilder.relayState("Relay State Value").relyingPartyRegistration(registration).build();
    assertThatExceptionOfType(Saml2Exception.class).isThrownBy(() -> this.factory.createPostAuthenticationRequest(this.context));
}

Example 29 with Saml2X509Credential

use of org.springframework.security.saml2.core.Saml2X509Credential in project spring-boot by spring-projects.

the class Saml2RelyingPartyRegistrationConfiguration method asSigningCredential.

private Saml2X509Credential asSigningCredential(Signing.Credential properties) {
    RSAPrivateKey privateKey = readPrivateKey(properties.getPrivateKeyLocation());
    X509Certificate certificate = readCertificate(properties.getCertificateLocation());
    return new Saml2X509Credential(privateKey, certificate, Saml2X509CredentialType.SIGNING);
}

Also used : Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) X509Certificate(java.security.cert.X509Certificate)

Aggregations

Saml2X509Credential (org.springframework.security.saml2.core.Saml2X509Credential)24 X509Certificate (java.security.cert.X509Certificate)17 Saml2Exception (org.springframework.security.saml2.Saml2Exception)14 ArrayList (java.util.ArrayList)10 Credential (org.opensaml.security.credential.Credential)8 PrivateKey (java.security.PrivateKey)7 RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)7 SAMLConstants (org.opensaml.saml.common.xml.SAMLConstants)6 Saml2MessageBinding (org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)6 Document (org.w3c.dom.Document)6 Element (org.w3c.dom.Element)6 ByteArrayInputStream (java.io.ByteArrayInputStream)5 CertificateException (java.security.cert.CertificateException)5 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)5 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)5 BasicCredential (org.opensaml.security.credential.BasicCredential)5 SignatureConstants (org.opensaml.xmlsec.signature.support.SignatureConstants)5 TestSaml2X509Credentials (org.springframework.security.saml2.credentials.TestSaml2X509Credentials)5 TestRelyingPartyRegistrations (org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)5 StandardCharsets (java.nio.charset.StandardCharsets)4