use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in project spring-security by spring-projects.
the class Saml2WebSsoAuthenticationRequestFilterTests method doFilterWhenNoRelayStateThenRedirectDoesNotContainParameter.
@Test
public void doFilterWhenNoRelayStateThenRedirectDoesNotContainParameter() throws ServletException, IOException {
Saml2AuthenticationRequestContext context = authenticationRequestContext().relayState(null).build();
Saml2RedirectAuthenticationRequest request = redirectAuthenticationRequest(context).build();
given(this.resolver.resolve(any())).willReturn(context);
given(this.factory.createRedirectAuthenticationRequest(any())).willReturn(request);
this.filter.doFilterInternal(this.request, this.response, this.filterChain);
assertThat(this.response.getHeader("Location")).doesNotContain("RelayState=").startsWith(IDP_SSO_URL);
}
use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in project spring-security by spring-projects.
the class OpenSamlAuthenticationRequestFactory method createAuthnRequest.
private AuthnRequest createAuthnRequest(Saml2AuthenticationRequestContext context) {
String issuer = context.getIssuer();
String destination = context.getDestination();
String assertionConsumerServiceUrl = context.getAssertionConsumerServiceUrl();
Saml2MessageBinding protocolBinding = this.protocolBindingResolver.convert(context);
AuthnRequest auth = this.authnRequestBuilder.buildObject();
if (auth.getID() == null) {
auth.setID("ARQ" + UUID.randomUUID().toString().substring(1));
}
if (auth.getIssueInstant() == null) {
auth.setIssueInstant(new DateTime(this.clock.millis()));
}
if (auth.isForceAuthn() == null) {
auth.setForceAuthn(Boolean.FALSE);
}
if (auth.isPassive() == null) {
auth.setIsPassive(Boolean.FALSE);
}
if (auth.getProtocolBinding() == null) {
auth.setProtocolBinding(protocolBinding.getUrn());
}
Issuer iss = this.issuerBuilder.buildObject();
iss.setValue(issuer);
auth.setIssuer(iss);
auth.setDestination(destination);
auth.setAssertionConsumerServiceURL(assertionConsumerServiceUrl);
return auth;
}
use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in project spring-security by spring-projects.
the class OpenSaml4AuthenticationRequestFactoryTests method createPostAuthenticationRequestWhenAssertionConsumerServiceBindingThenUses.
@Test
public void createPostAuthenticationRequestWhenAssertionConsumerServiceBindingThenUses() {
RelyingPartyRegistration relyingPartyRegistration = this.relyingPartyRegistrationBuilder.assertionConsumerServiceBinding(Saml2MessageBinding.REDIRECT).build();
Saml2AuthenticationRequestContext context = this.contextBuilder.relyingPartyRegistration(relyingPartyRegistration).build();
Saml2PostAuthenticationRequest request = this.factory.createPostAuthenticationRequest(context);
String samlRequest = request.getSamlRequest();
String inflated = new String(Saml2Utils.samlDecode(samlRequest));
assertThat(inflated).contains("ProtocolBinding=\"" + SAMLConstants.SAML2_REDIRECT_BINDING_URI + "\"");
}
use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in project spring-security by spring-projects.
the class OpenSaml4AuthenticationRequestFactory method createAuthenticationRequest.
/**
* {@inheritDoc}
*/
@Override
@Deprecated
public String createAuthenticationRequest(Saml2AuthenticationRequest request) {
RelyingPartyRegistration registration = RelyingPartyRegistration.withRegistrationId("noId").assertionConsumerServiceBinding(Saml2MessageBinding.POST).assertionConsumerServiceLocation(request.getAssertionConsumerServiceUrl()).entityId(request.getIssuer()).remoteIdpEntityId("noIssuer").idpWebSsoUrl("noUrl").credentials((credentials) -> credentials.addAll(request.getCredentials())).build();
Saml2AuthenticationRequestContext context = Saml2AuthenticationRequestContext.builder().relyingPartyRegistration(registration).issuer(request.getIssuer()).assertionConsumerServiceUrl(request.getAssertionConsumerServiceUrl()).build();
AuthnRequest authnRequest = this.authenticationRequestContextConverter.convert(context);
return OpenSamlSigningUtils.serialize(OpenSamlSigningUtils.sign(authnRequest, registration));
}
use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in project spring-security by spring-projects.
the class OpenSaml4AuthenticationRequestFactory method createPostAuthenticationRequest.
/**
* {@inheritDoc}
*/
@Override
public Saml2PostAuthenticationRequest createPostAuthenticationRequest(Saml2AuthenticationRequestContext context) {
AuthnRequest authnRequest = this.authenticationRequestContextConverter.convert(context);
RelyingPartyRegistration registration = context.getRelyingPartyRegistration();
if (registration.getAssertingPartyDetails().getWantAuthnRequestsSigned()) {
OpenSamlSigningUtils.sign(authnRequest, registration);
}
String xml = OpenSamlSigningUtils.serialize(authnRequest);
return Saml2PostAuthenticationRequest.withAuthenticationRequestContext(context).samlRequest(Saml2Utils.samlEncode(xml.getBytes(StandardCharsets.UTF_8))).build();
}
Aggregations