use of org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider in project spring-security by spring-projects.
the class Saml2LoginConfigurerTests method validateSaml2WebSsoAuthenticationFilterConfiguration.
private void validateSaml2WebSsoAuthenticationFilterConfiguration() {
// get the OpenSamlAuthenticationProvider
Saml2WebSsoAuthenticationFilter filter = getSaml2SsoFilter(this.springSecurityFilterChain);
AuthenticationManager manager = (AuthenticationManager) ReflectionTestUtils.getField(filter, "authenticationManager");
ProviderManager pm = (ProviderManager) manager;
AuthenticationProvider provider = pm.getProviders().stream().filter((p) -> p instanceof OpenSaml4AuthenticationProvider).findFirst().get();
assertThat(provider).isNotNull();
}
use of org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider in project spring-security by spring-projects.
the class OpenSaml4AuthenticationProviderTests method authenticateWhenDelegatingToDefaultAssertionValidatorThenUses.
@Test
public void authenticateWhenDelegatingToDefaultAssertionValidatorThenUses() {
OpenSaml4AuthenticationProvider provider = new OpenSaml4AuthenticationProvider();
// @formatter:off
provider.setAssertionValidator((assertionToken) -> OpenSaml4AuthenticationProvider.createDefaultAssertionValidator((token) -> new ValidationContext()).convert(assertionToken).concat(new Saml2Error("wrong error", "wrong error")));
// @formatter:on
Response response = response();
Assertion assertion = assertion();
OneTimeUse oneTimeUse = build(OneTimeUse.DEFAULT_ELEMENT_NAME);
assertion.getConditions().getConditions().add(oneTimeUse);
response.getAssertions().add(assertion);
TestOpenSamlObjects.signed(response, TestSaml2X509Credentials.assertingPartySigningCredential(), ASSERTING_PARTY_ENTITY_ID);
Saml2AuthenticationToken token = token(response, verifying(registration()));
// @formatter:off
assertThatExceptionOfType(Saml2AuthenticationException.class).isThrownBy(() -> provider.authenticate(token)).isInstanceOf(Saml2AuthenticationException.class).satisfies((error) -> assertThat(error.getSaml2Error().getErrorCode()).isEqualTo(Saml2ErrorCodes.INVALID_ASSERTION));
// @formatter:on
}
use of org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider in project spring-security by spring-projects.
the class OpenSaml4AuthenticationProviderTests method authenticateWhenCustomResponseValidatorThenUses.
@Test
public void authenticateWhenCustomResponseValidatorThenUses() {
Converter<OpenSaml4AuthenticationProvider.ResponseToken, Saml2ResponseValidatorResult> validator = mock(Converter.class);
OpenSaml4AuthenticationProvider provider = new OpenSaml4AuthenticationProvider();
// @formatter:off
provider.setResponseValidator((responseToken) -> OpenSaml4AuthenticationProvider.createDefaultResponseValidator().convert(responseToken).concat(validator.convert(responseToken)));
// @formatter:on
Response response = response();
Assertion assertion = assertion();
response.getAssertions().add(assertion);
TestOpenSamlObjects.signed(response, TestSaml2X509Credentials.assertingPartySigningCredential(), ASSERTING_PARTY_ENTITY_ID);
Saml2AuthenticationToken token = token(response, verifying(registration()));
given(validator.convert(any(OpenSaml4AuthenticationProvider.ResponseToken.class))).willReturn(Saml2ResponseValidatorResult.success());
provider.authenticate(token);
verify(validator).convert(any(OpenSaml4AuthenticationProvider.ResponseToken.class));
}
use of org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider in project spring-security by spring-projects.
the class OpenSaml4AuthenticationProviderTests method authenticateWhenResponseAuthenticationConverterConfiguredThenUses.
@Test
public void authenticateWhenResponseAuthenticationConverterConfiguredThenUses() {
Converter<ResponseToken, Saml2Authentication> authenticationConverter = mock(Converter.class);
OpenSaml4AuthenticationProvider provider = new OpenSaml4AuthenticationProvider();
provider.setResponseAuthenticationConverter(authenticationConverter);
Response response = TestOpenSamlObjects.signedResponseWithOneAssertion();
Saml2AuthenticationToken token = token(response, verifying(registration()));
provider.authenticate(token);
verify(authenticationConverter).convert(any());
}
use of org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider in project spring-security by spring-projects.
the class OpenSaml4AuthenticationProviderTests method authenticateWhenCustomAssertionValidatorThenUses.
@Test
public void authenticateWhenCustomAssertionValidatorThenUses() {
Converter<OpenSaml4AuthenticationProvider.AssertionToken, Saml2ResponseValidatorResult> validator = mock(Converter.class);
OpenSaml4AuthenticationProvider provider = new OpenSaml4AuthenticationProvider();
// @formatter:off
provider.setAssertionValidator((assertionToken) -> OpenSaml4AuthenticationProvider.createDefaultAssertionValidator().convert(assertionToken).concat(validator.convert(assertionToken)));
// @formatter:on
Response response = response();
Assertion assertion = assertion();
response.getAssertions().add(assertion);
TestOpenSamlObjects.signed(response, TestSaml2X509Credentials.assertingPartySigningCredential(), ASSERTING_PARTY_ENTITY_ID);
Saml2AuthenticationToken token = token(response, verifying(registration()));
given(validator.convert(any(OpenSaml4AuthenticationProvider.AssertionToken.class))).willReturn(Saml2ResponseValidatorResult.success());
provider.authenticate(token);
verify(validator).convert(any(OpenSaml4AuthenticationProvider.AssertionToken.class));
}
Aggregations