use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken in project spring-security by spring-projects.
the class OpenSaml4AuthenticationProviderTests method authenticateWhenCustomAssertionValidatorThenUses.
/**
 * Checks that an assertion validator installed with {@code setAssertionValidator}
 * is consulted when a signed response carrying one assertion is authenticated.
 *
 * <p>The installed validator does not replace the default one: it runs
 * {@code createDefaultAssertionValidator()} first and {@code concat}s the custom
 * result onto it, so the default assertion checks still contribute to the outcome.
 * A validator set without that delegation would be the only assertion validation
 * the converter performs.
 */
@Test
public void authenticateWhenCustomAssertionValidatorThenUses() {
    Converter<OpenSaml4AuthenticationProvider.AssertionToken, Saml2ResponseValidatorResult> customValidator = mock(
            Converter.class);
    // The mock contributes no errors of its own; only its invocation is under test.
    given(customValidator.convert(any(OpenSaml4AuthenticationProvider.AssertionToken.class)))
            .willReturn(Saml2ResponseValidatorResult.success());

    OpenSaml4AuthenticationProvider authenticationProvider = new OpenSaml4AuthenticationProvider();
    authenticationProvider.setAssertionValidator((assertionToken) -> {
        // Default checks run first, then the custom result is appended to them.
        Saml2ResponseValidatorResult defaultResult = OpenSaml4AuthenticationProvider
                .createDefaultAssertionValidator()
                .convert(assertionToken);
        return defaultResult.concat(customValidator.convert(assertionToken));
    });

    Response samlResponse = response();
    samlResponse.getAssertions().add(assertion());
    // The response is signed with the asserting party's credential after the assertion is attached.
    TestOpenSamlObjects.signed(samlResponse, TestSaml2X509Credentials.assertingPartySigningCredential(),
            ASSERTING_PARTY_ENTITY_ID);
    Saml2AuthenticationToken authenticationToken = token(samlResponse, verifying(registration()));

    authenticationProvider.authenticate(authenticationToken);

    verify(customValidator).convert(any(OpenSaml4AuthenticationProvider.AssertionToken.class));
}
use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken in project spring-security by spring-projects.
the class OpenSaml4AuthenticationProviderTests method token.
/**
 * Builds a {@link Saml2AuthenticationToken} from the serialized result of
 * {@code response()} and a registration passed through {@code verifying(...)}.
 *
 * <p>Nothing is signed and no assertion is added in this helper; tests that need
 * a signed response or an assertion prepare the response themselves.
 *
 * @return a token pairing the built registration with the serialized response
 */
private Saml2AuthenticationToken token() {
    Response samlResponse = response();
    RelyingPartyRegistration relyingParty = verifying(registration()).build();
    return new Saml2AuthenticationToken(relyingParty, serialize(samlResponse));
}
use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken in project spring-security by spring-projects.
the class OpenSaml4AuthenticationProviderTests method authenticateWhenValidationContextCustomizedThenUsers.
/**
 * Checks that a caller-supplied {@code ValidationContext} is the one the default
 * assertion validator actually uses.
 *
 * <p>The context declares {@code "blah"} as the only valid recipient. Authentication
 * of the signed response is then expected to fail with an "Invalid assertion"
 * error, presumably because the test assertion's recipient does not match that
 * value (the assertion is built outside this method). The final verification
 * confirms the context's static parameters were read at least once.
 */
@Test
public void authenticateWhenValidationContextCustomizedThenUsers() {
    Map<String, Object> staticParameters = new HashMap<>();
    staticParameters.put(SAML2AssertionValidationParameters.SC_VALID_RECIPIENTS, Collections.singleton("blah"));
    ValidationContext validationContext = mock(ValidationContext.class);
    given(validationContext.getStaticParameters()).willReturn(staticParameters);

    OpenSaml4AuthenticationProvider authenticationProvider = new OpenSaml4AuthenticationProvider();
    // Every assertion token is mapped to the same mocked context.
    authenticationProvider.setAssertionValidator(
            OpenSaml4AuthenticationProvider.createDefaultAssertionValidator((assertionToken) -> validationContext));

    Response samlResponse = response();
    samlResponse.getAssertions().add(assertion());
    TestOpenSamlObjects.signed(samlResponse, TestSaml2X509Credentials.assertingPartySigningCredential(),
            ASSERTING_PARTY_ENTITY_ID);
    Saml2AuthenticationToken authenticationToken = token(samlResponse, verifying(registration()));

    // @formatter:off
    assertThatExceptionOfType(Saml2AuthenticationException.class)
            .isThrownBy(() -> authenticationProvider.authenticate(authenticationToken))
            .isInstanceOf(Saml2AuthenticationException.class)
            .satisfies((error) -> assertThat(error).hasMessageContaining("Invalid assertion"));
    // @formatter:on
    verify(validationContext, atLeastOnce()).getStaticParameters();
}
use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken in project spring-security by spring-projects.
the class OpenSaml4AuthenticationProviderTests method createDefaultResponseAuthenticationConverterWhenResponseThenConverts.
/**
 * Checks that the default response authentication converter turns a signed
 * response with one assertion into a {@code Saml2Authentication} whose name is
 * {@code "test@saml.user"}.
 *
 * <p>The converter is called directly on a {@code ResponseToken}; the provider's
 * {@code authenticate} method is not invoked in this test.
 */
@Test
public void createDefaultResponseAuthenticationConverterWhenResponseThenConverts() {
    Response signedResponse = TestOpenSamlObjects.signedResponseWithOneAssertion();
    Saml2AuthenticationToken authenticationToken = token(signedResponse, verifying(registration()));
    Saml2Authentication result = OpenSaml4AuthenticationProvider
            .createDefaultResponseAuthenticationConverter()
            .convert(new ResponseToken(signedResponse, authenticationToken));
    assertThat(result.getName()).isEqualTo("test@saml.user");
}