
Example 1 with Saml2RedirectAuthenticationRequest

Use of org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest in project spring-security by spring-projects.

Class Saml2WebSsoAuthenticationRequestFilterTests, method doFilterWhenRelayStateThenRedirectDoesContainParameter.

@Test
public void doFilterWhenRelayStateThenRedirectDoesContainParameter() throws ServletException, IOException {
    Saml2AuthenticationRequestContext context = authenticationRequestContext().build();
    Saml2RedirectAuthenticationRequest request = redirectAuthenticationRequest(context).build();
    given(this.resolver.resolve(any())).willReturn(context);
    given(this.factory.createRedirectAuthenticationRequest(any())).willReturn(request);
    this.filter.doFilterInternal(this.request, this.response, this.filterChain);
    // The redirect must point at the IdP SSO URL and carry the RelayState parameter.
    assertThat(this.response.getHeader("Location")).contains("RelayState=relayState").startsWith(IDP_SSO_URL);
}
Also used : Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) Test(org.junit.jupiter.api.Test)

Example 2 with Saml2RedirectAuthenticationRequest

Use of org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest in project spring-security by spring-projects.

Class Saml2WebSsoAuthenticationRequestFilterTests, method doFilterWhenSignatureIsDisabledThenSignatureParametersAreNotInTheRedirectURL.

@Test
public void doFilterWhenSignatureIsDisabledThenSignatureParametersAreNotInTheRedirectURL() throws Exception {
    Saml2AuthenticationRequestContext context = authenticationRequestContext().build();
    Saml2RedirectAuthenticationRequest request = redirectAuthenticationRequest(context).build();
    given(this.resolver.resolve(any())).willReturn(context);
    given(this.factory.createRedirectAuthenticationRequest(any())).willReturn(request);
    this.filter.doFilterInternal(this.request, this.response, this.filterChain);
    // With signing disabled, the redirect URL must carry neither SigAlg nor Signature.
    assertThat(this.response.getHeader("Location")).doesNotContain("SigAlg=").doesNotContain("Signature=").startsWith(IDP_SSO_URL);
}
Also used : Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) Test(org.junit.jupiter.api.Test)

Example 3 with Saml2RedirectAuthenticationRequest

Use of org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest in project spring-security by spring-projects.

Class Saml2WebSsoAuthenticationRequestFilterTests, method doFilterWhenRedirectThenSaveRedirectRequest.

@Test
public void doFilterWhenRedirectThenSaveRedirectRequest() throws ServletException, IOException {
    Saml2AuthenticationRequestContext context = authenticationRequestContext().build();
    Saml2RedirectAuthenticationRequest request = redirectAuthenticationRequest(context).build();
    given(this.resolver.resolve(any())).willReturn(context);
    given(this.factory.createRedirectAuthenticationRequest(any())).willReturn(request);
    this.filter.doFilterInternal(this.request, this.response, this.filterChain);
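    // The filter must store the outgoing request in the repository for this HTTP request/response pair.
    verify(this.authenticationRequestRepository).saveAuthenticationRequest(any(Saml2RedirectAuthenticationRequest.class), eq(this.request), eq(this.response));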
}
Also used : Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) Test(org.junit.jupiter.api.Test)

Example 4 with Saml2RedirectAuthenticationRequest

Use of org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest in project spring-security by spring-projects.

Class Saml2WebSsoAuthenticationRequestFilterTests, method doFilterWhenRelayStateThatRequiresEncodingThenRedirectDoesContainsEncodedParameter.

@Test
public void doFilterWhenRelayStateThatRequiresEncodingThenRedirectDoesContainsEncodedParameter() throws Exception {
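    // RelayState containing '?', '&' and '=' must be encoded before it is placed in the redirect query string.
    String relayStateValue = "https://my-relay-state.example.com?with=param&other=param";
    String relayStateEncoded = UriUtils.encode(relayStateValue, StandardCharsets.ISO_8859_1);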
    Saml2AuthenticationRequestContext context = authenticationRequestContext().relayState(relayStateValue).build();
    Saml2RedirectAuthenticationRequest request = redirectAuthenticationRequest(context).build();
    given(this.resolver.resolve(any())).willReturn(context);
    given(this.factory.createRedirectAuthenticationRequest(any())).willReturn(request);
    this.filter.doFilterInternal(this.request, this.response, this.filterChain);
    assertThat(this.response.getHeader("Location")).contains("RelayState=" + relayStateEncoded).startsWith(IDP_SSO_URL);
}
Also used : Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) Test(org.junit.jupiter.api.Test)

Example 5 with Saml2RedirectAuthenticationRequest

Use of org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest in project spring-security by spring-projects.

Class Saml2WebSsoAuthenticationRequestFilterTests, method doFilterWhenNoRelayStateThenRedirectDoesNotContainParameter.

@Test
public void doFilterWhenNoRelayStateThenRedirectDoesNotContainParameter() throws ServletException, IOException {
    // A null RelayState must result in no RelayState parameter at all, not an empty one.
    Saml2AuthenticationRequestContext context = authenticationRequestContext().relayState(null).build();
    Saml2RedirectAuthenticationRequest request = redirectAuthenticationRequest(context).build();
    given(this.resolver.resolve(any())).willReturn(context);
    given(this.factory.createRedirectAuthenticationRequest(any())).willReturn(request);
    this.filter.doFilterInternal(this.request, this.response, this.filterChain);
    assertThat(this.response.getHeader("Location")).doesNotContain("RelayState=").startsWith(IDP_SSO_URL);
}
Also used : Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) Test(org.junit.jupiter.api.Test)
