Example 11 with Saml2AuthenticationRequestContext

Use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in project spring-security by spring-projects.

Class DefaultSaml2AuthenticationRequestContextResolver, method resolve.

@Override
public Saml2AuthenticationRequestContext resolve(HttpServletRequest request) {
    Assert.notNull(request, "request cannot be null");
    RelyingPartyRegistration relyingParty = this.relyingPartyRegistrationResolver.convert(request);
    if (relyingParty == null) {
        return null;
    }
    if (this.logger.isDebugEnabled()) {
        this.logger.debug("Creating SAML 2.0 Authentication Request for Asserting Party [" + relyingParty.getRegistrationId() + "]");
    }
    return createRedirectAuthenticationRequestContext(request, relyingParty);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)

Example 12 with Saml2AuthenticationRequestContext

Use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in project spring-security by spring-projects.

Class DefaultSaml2AuthenticationRequestContextResolverTests, method resolveWhenAssertionConsumerServiceUrlTemplateContainsBaseUrlThenResolves.

@Test
public void resolveWhenAssertionConsumerServiceUrlTemplateContainsBaseUrlThenResolves() {
    this.relyingPartyBuilder.assertionConsumerServiceLocation("{baseUrl}/saml2/authenticate/{registrationId}");
    Saml2AuthenticationRequestContext context = this.authenticationRequestContextResolver.resolve(this.request);
    assertThat(context.getAssertionConsumerServiceUrl()).isEqualTo("http://localhost/saml2/authenticate/registration-id");
}
Also used : Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) Test(org.junit.jupiter.api.Test)

Example 13 with Saml2AuthenticationRequestContext

Use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in project midpoint by Evolveum.

Class MidpointSaml2WebSsoAuthenticationRequestFilter, method doFilterInternal.

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    super.doFilterInternal(request, response, filterChain);
    RequestMatcher.MatchResult matcher = this.redirectMatcher.matcher(request);
    if (!matcher.isMatch()) {
        return;
    }
    Saml2AuthenticationRequestContext context = this.authenticationRequestContextResolver.resolve(request);
    if (context == null) {
        return;
    }
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication instanceof MidpointAuthentication) {
        MidpointAuthentication mpAuthentication = (MidpointAuthentication) authentication;
        Saml2ModuleAuthenticationImpl moduleAuthentication = (Saml2ModuleAuthenticationImpl) mpAuthentication.getProcessingModuleAuthentication();
        // Record on the module authentication that the SAML request has been sent.
        moduleAuthentication.setRequestState(RequestState.SENDED);
    }
}
Also used : RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) MidpointAuthentication(com.evolveum.midpoint.authentication.api.config.MidpointAuthentication) Authentication(org.springframework.security.core.Authentication) Saml2ModuleAuthenticationImpl(com.evolveum.midpoint.authentication.impl.module.authentication.Saml2ModuleAuthenticationImpl) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext)

Example 14 with Saml2AuthenticationRequestContext

Use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in project spring-security by spring-projects.

Class OpenSamlAuthenticationRequestFactoryTests, method createPostAuthenticationRequestWhenAssertionConsumerServiceBindingThenUses.

@Test
public void createPostAuthenticationRequestWhenAssertionConsumerServiceBindingThenUses() {
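    // The assertion consumer service binding is set to REDIRECT while the AuthnRequest itself is created for POST;
    // the assertion below checks that ProtocolBinding in the request reflects the configured ACS binding.
    RelyingPartyRegistration relyingPartyRegistration = this.relyingPartyRegistrationBuilder.assertionConsumerServiceBinding(Saml2MessageBinding.REDIRECT).build();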
    Saml2AuthenticationRequestContext context = this.contextBuilder.relyingPartyRegistration(relyingPartyRegistration).build();
    Saml2PostAuthenticationRequest request = this.factory.createPostAuthenticationRequest(context);
    String samlRequest = request.getSamlRequest();
    String inflated = new String(Saml2Utils.samlDecode(samlRequest));
    assertThat(inflated).contains("ProtocolBinding=\"" + SAMLConstants.SAML2_REDIRECT_BINDING_URI + "\"");
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Test(org.junit.jupiter.api.Test)

Example 15 with Saml2AuthenticationRequestContext

Use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in project spring-security by spring-projects.

Class OpenSamlAuthenticationRequestFactoryTests, method createRedirectAuthenticationRequestWhenSHA1SignRequestThenSignatureIsPresent.

@Test
public void createRedirectAuthenticationRequestWhenSHA1SignRequestThenSignatureIsPresent() {
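    // Add RSA-SHA1 to the asserting party's signing algorithms; the assertions below check that
    // the redirect request carries a signature and reports RSA-SHA1 as its SigAlg.
    RelyingPartyRegistration relyingPartyRegistration = this.relyingPartyRegistrationBuilder.assertingPartyDetails((a) -> a.signingAlgorithms((algs) -> algs.add(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1))).build();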
    Saml2AuthenticationRequestContext context = this.contextBuilder.relayState("Relay State Value").relyingPartyRegistration(relyingPartyRegistration).build();
    Saml2RedirectAuthenticationRequest result = this.factory.createRedirectAuthenticationRequest(context);
    assertThat(result.getSamlRequest()).isNotEmpty();
    assertThat(result.getRelayState()).isEqualTo("Relay State Value");
    assertThat(result.getSigAlg()).isEqualTo(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
    assertThat(result.getSignature()).isNotNull();
    assertThat(result.getBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) BeforeEach(org.junit.jupiter.api.BeforeEach) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) AuthnRequestUnmarshaller(org.opensaml.saml.saml2.core.impl.AuthnRequestUnmarshaller) ByteArrayInputStream(java.io.ByteArrayInputStream) BDDMockito.given(org.mockito.BDDMockito.given) Document(org.w3c.dom.Document) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) SignatureConstants(org.opensaml.xmlsec.signature.support.SignatureConstants) SAMLConstants(org.opensaml.saml.common.xml.SAMLConstants) Converter(org.springframework.core.convert.converter.Converter) DateTime(org.joda.time.DateTime) Saml2Exception(org.springframework.security.saml2.Saml2Exception) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) StandardCharsets(java.nio.charset.StandardCharsets) XMLObjectProviderRegistrySupport(org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) Element(org.w3c.dom.Element) TestSaml2X509Credentials(org.springframework.security.saml2.credentials.TestSaml2X509Credentials) Assertions(org.junit.jupiter.api.Assertions) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) Mockito.mock(org.mockito.Mockito.mock)
