Examples with Saml2RedirectAuthenticationRequest org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest used on opensource projects

Search in sources :

Example 6 with Saml2RedirectAuthenticationRequest

use of org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest in project spring-security by spring-projects.

the class OpenSamlAuthenticationRequestResolverTests method resolveAuthenticationRequestWhenSHA1SignRequestThenSigns.

@Test
public void resolveAuthenticationRequestWhenSHA1SignRequestThenSigns() {
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setPathInfo("/saml2/authenticate/registration-id");
    RelyingPartyRegistration registration = this.relyingPartyRegistrationBuilder.assertingPartyDetails((party) -> party.signingAlgorithms((algs) -> algs.add(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1))).build();
    OpenSamlAuthenticationRequestResolver resolver = authenticationRequestResolver(registration);
    Saml2RedirectAuthenticationRequest result = resolver.resolve(request, null);
    assertThat(result.getSamlRequest()).isNotEmpty();
    assertThat(result.getRelayState()).isNotNull();
    assertThat(result.getSigAlg()).isEqualTo(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
    assertThat(result.getSignature()).isNotNull();
    assertThat(result.getBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Saml2Exception(org.springframework.security.saml2.Saml2Exception) Test(org.junit.Test) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TestSaml2X509Credentials(org.springframework.security.saml2.core.TestSaml2X509Credentials) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) SignatureConstants(org.opensaml.xmlsec.signature.support.SignatureConstants) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest) Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) Before(org.junit.Before) Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Test(org.junit.Test)

Example 7 with Saml2RedirectAuthenticationRequest

use of org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest in project spring-security by spring-projects.

the class OpenSamlAuthenticationRequestResolverTests method resolveAuthenticationRequestWhenUnsignedRedirectThenRedirectsAndNoSignature.

@Test
public void resolveAuthenticationRequestWhenUnsignedRedirectThenRedirectsAndNoSignature() {
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setPathInfo("/saml2/authenticate/registration-id");
    RelyingPartyRegistration registration = this.relyingPartyRegistrationBuilder.assertingPartyDetails((party) -> party.wantAuthnRequestsSigned(false)).build();
    OpenSamlAuthenticationRequestResolver resolver = authenticationRequestResolver(registration);
    Saml2RedirectAuthenticationRequest result = resolver.resolve(request, (r, authnRequest) -> {
        assertThat(authnRequest.getAssertionConsumerServiceURL()).isEqualTo(registration.getAssertionConsumerServiceLocation());
        assertThat(authnRequest.getProtocolBinding()).isEqualTo(registration.getAssertionConsumerServiceBinding().getUrn());
        assertThat(authnRequest.getDestination()).isEqualTo(registration.getAssertingPartyDetails().getSingleSignOnServiceLocation());
        assertThat(authnRequest.getIssuer().getValue()).isEqualTo(registration.getEntityId());
    });
    assertThat(result.getSamlRequest()).isNotEmpty();
    assertThat(result.getRelayState()).isNotNull();
    assertThat(result.getSigAlg()).isNull();
    assertThat(result.getSignature()).isNull();
    assertThat(result.getBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Saml2Exception(org.springframework.security.saml2.Saml2Exception) Test(org.junit.Test) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TestSaml2X509Credentials(org.springframework.security.saml2.core.TestSaml2X509Credentials) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) SignatureConstants(org.opensaml.xmlsec.signature.support.SignatureConstants) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest) Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) Before(org.junit.Before) Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Test(org.junit.Test)

Example 8 with Saml2RedirectAuthenticationRequest

use of org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest in project spring-security by spring-projects.

the class OpenSamlAuthenticationRequestFactoryTests method createRedirectAuthenticationRequestWhenSHA1SignRequestThenSignatureIsPresent.

@Test
public void createRedirectAuthenticationRequestWhenSHA1SignRequestThenSignatureIsPresent() {
    RelyingPartyRegistration relyingPartyRegistration = this.relyingPartyRegistrationBuilder.assertingPartyDetails((a) -> a.signingAlgorithms((algs) -> algs.add(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1))).build();
    Saml2AuthenticationRequestContext context = this.contextBuilder.relayState("Relay State Value").relyingPartyRegistration(relyingPartyRegistration).build();
    Saml2RedirectAuthenticationRequest result = this.factory.createRedirectAuthenticationRequest(context);
    assertThat(result.getSamlRequest()).isNotEmpty();
    assertThat(result.getRelayState()).isEqualTo("Relay State Value");
    assertThat(result.getSigAlg()).isEqualTo(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
    assertThat(result.getSignature()).isNotNull();
    assertThat(result.getBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) BeforeEach(org.junit.jupiter.api.BeforeEach) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) AuthnRequestUnmarshaller(org.opensaml.saml.saml2.core.impl.AuthnRequestUnmarshaller) ByteArrayInputStream(java.io.ByteArrayInputStream) BDDMockito.given(org.mockito.BDDMockito.given) Document(org.w3c.dom.Document) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) SignatureConstants(org.opensaml.xmlsec.signature.support.SignatureConstants) SAMLConstants(org.opensaml.saml.common.xml.SAMLConstants) Converter(org.springframework.core.convert.converter.Converter) DateTime(org.joda.time.DateTime) Saml2Exception(org.springframework.security.saml2.Saml2Exception) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) StandardCharsets(java.nio.charset.StandardCharsets) XMLObjectProviderRegistrySupport(org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) Element(org.w3c.dom.Element) TestSaml2X509Credentials(org.springframework.security.saml2.credentials.TestSaml2X509Credentials) Assertions(org.junit.jupiter.api.Assertions) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) Mockito.mock(org.mockito.Mockito.mock) Test(org.junit.jupiter.api.Test)

Example 9 with Saml2RedirectAuthenticationRequest

use of org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest in project spring-security by spring-projects.

the class OpenSaml4AuthenticationRequestFactory method createRedirectAuthenticationRequest.

/**
 * {@inheritDoc}
 */
@Override
public Saml2RedirectAuthenticationRequest createRedirectAuthenticationRequest(Saml2AuthenticationRequestContext context) {
    AuthnRequest authnRequest = this.authenticationRequestContextConverter.convert(context);
    RelyingPartyRegistration registration = context.getRelyingPartyRegistration();
    String xml = OpenSamlSigningUtils.serialize(authnRequest);
    Saml2RedirectAuthenticationRequest.Builder result = Saml2RedirectAuthenticationRequest.withAuthenticationRequestContext(context);
    String deflatedAndEncoded = Saml2Utils.samlEncode(Saml2Utils.samlDeflate(xml));
    result.samlRequest(deflatedAndEncoded).relayState(context.getRelayState());
    if (registration.getAssertingPartyDetails().getWantAuthnRequestsSigned()) {
        QueryParametersPartial partial = OpenSamlSigningUtils.sign(registration).param(Saml2ParameterNames.SAML_REQUEST, deflatedAndEncoded);
        if (StringUtils.hasText(context.getRelayState())) {
            partial.param(Saml2ParameterNames.RELAY_STATE, context.getRelayState());
        }
        Map<String, String> parameters = partial.parameters();
        return result.sigAlg(parameters.get(Saml2ParameterNames.SIG_ALG)).signature(parameters.get(Saml2ParameterNames.SIGNATURE)).build();
    }
    return result.build();
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) QueryParametersPartial(org.springframework.security.saml2.provider.service.authentication.OpenSamlSigningUtils.QueryParametersPartial) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest)

Example 10 with Saml2RedirectAuthenticationRequest

use of org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest in project spring-security by spring-projects.

the class OpenSamlAuthenticationRequestResolverTests method resolveAuthenticationRequestWhenSignedRedirectThenSignsAndRedirects.

@Test
public void resolveAuthenticationRequestWhenSignedRedirectThenSignsAndRedirects() {
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setPathInfo("/saml2/authenticate/registration-id");
    RelyingPartyRegistration registration = this.relyingPartyRegistrationBuilder.build();
    OpenSamlAuthenticationRequestResolver resolver = authenticationRequestResolver(registration);
    Saml2RedirectAuthenticationRequest result = resolver.resolve(request, (r, authnRequest) -> {
        assertThat(authnRequest.getAssertionConsumerServiceURL()).isEqualTo(registration.getAssertionConsumerServiceLocation());
        assertThat(authnRequest.getProtocolBinding()).isEqualTo(registration.getAssertionConsumerServiceBinding().getUrn());
        assertThat(authnRequest.getDestination()).isEqualTo(registration.getAssertingPartyDetails().getSingleSignOnServiceLocation());
        assertThat(authnRequest.getIssuer().getValue()).isEqualTo(registration.getEntityId());
    });
    assertThat(result.getSamlRequest()).isNotEmpty();
    assertThat(result.getRelayState()).isNotNull();
    assertThat(result.getSigAlg()).isEqualTo(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
    assertThat(result.getSignature()).isNotEmpty();
    assertThat(result.getBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Test(org.junit.Test)

Aggregations

Saml2RedirectAuthenticationRequest (org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest)11 Test (org.junit.jupiter.api.Test)10 RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)8 Saml2AuthenticationRequestContext (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext)7 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)4 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)4 AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)4 SignatureConstants (org.opensaml.xmlsec.signature.support.SignatureConstants)4 Saml2Exception (org.springframework.security.saml2.Saml2Exception)4 Saml2X509Credential (org.springframework.security.saml2.core.Saml2X509Credential)4 Saml2MessageBinding (org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)4 TestRelyingPartyRegistrations (org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)4 Test (org.junit.Test)3 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2 StandardCharsets (java.nio.charset.StandardCharsets)2 Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException)2 Before (org.junit.Before)2 Assertions (org.junit.jupiter.api.Assertions)2 BeforeEach (org.junit.jupiter.api.BeforeEach)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial