use of org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest in project spring-security by spring-projects.
the class Saml2LogoutResponseFilterTests method doFilterWhenSamlResponsePostThenLogout.
@Test
public void doFilterWhenSamlResponsePostThenLogout() throws Exception {
Authentication authentication = new TestingAuthenticationToken("user", "password");
SecurityContextHolder.getContext().setAuthentication(authentication);
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/logout/saml2/slo");
request.setServletPath("/logout/saml2/slo");
request.setParameter(Saml2ParameterNames.SAML_RESPONSE, "response");
MockHttpServletResponse response = new MockHttpServletResponse();
RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().build();
given(this.relyingPartyRegistrationResolver.resolve(request, "registration-id")).willReturn(registration);
Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration).samlRequest("request").build();
given(this.logoutRequestRepository.removeLogoutRequest(request, response)).willReturn(logoutRequest);
given(this.logoutResponseValidator.validate(any())).willReturn(Saml2LogoutValidatorResult.success());
this.logoutResponseProcessingFilter.doFilterInternal(request, response, new MockFilterChain());
verify(this.logoutResponseValidator).validate(any());
verify(this.logoutSuccessHandler).onLogoutSuccess(any(), any(), any());
}
use of org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest in project spring-security by spring-projects.
the class Saml2RelyingPartyInitiatedLogoutSuccessHandlerTests method onLogoutSuccessWhenRedirectThenRedirectsToAssertingParty.
@Test
public void onLogoutSuccessWhenRedirectThenRedirectsToAssertingParty() throws Exception {
RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().build();
Authentication authentication = authentication(registration);
SecurityContextHolder.getContext().setAuthentication(authentication);
Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration).samlRequest("request").build();
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/saml2/logout");
request.setServletPath("/saml2/logout");
MockHttpServletResponse response = new MockHttpServletResponse();
given(this.logoutRequestResolver.resolve(any(), any())).willReturn(logoutRequest);
this.logoutRequestSuccessHandler.onLogoutSuccess(request, response, authentication);
String content = response.getHeader("Location");
assertThat(content).contains(Saml2ParameterNames.SAML_REQUEST);
assertThat(content).startsWith(registration.getAssertingPartyDetails().getSingleLogoutServiceLocation());
}
use of org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest in project spring-security by spring-projects.
the class Saml2RelyingPartyInitiatedLogoutSuccessHandlerTests method onLogoutSuccessWhenPostThenPostsToAssertingParty.
@Test
public void onLogoutSuccessWhenPostThenPostsToAssertingParty() throws Exception {
RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST)).build();
Authentication authentication = authentication(registration);
SecurityContextHolder.getContext().setAuthentication(authentication);
Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration).samlRequest("request").build();
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/saml2/logout");
request.setServletPath("/saml2/logout");
MockHttpServletResponse response = new MockHttpServletResponse();
given(this.logoutRequestResolver.resolve(any(), any())).willReturn(logoutRequest);
this.logoutRequestSuccessHandler.onLogoutSuccess(request, response, authentication);
String content = response.getContentAsString();
assertThat(content).contains(Saml2ParameterNames.SAML_REQUEST);
assertThat(content).contains(registration.getAssertingPartyDetails().getSingleLogoutServiceLocation());
}
use of org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest in project spring-security by spring-projects.
the class HttpSessionLogoutRequestRepositoryTests method saveLogoutRequestWhenHttpServletRequestIsNullThenThrowIllegalArgumentException.
@Test
public void saveLogoutRequestWhenHttpServletRequestIsNullThenThrowIllegalArgumentException() {
Saml2LogoutRequest logoutRequest = createLogoutRequest().build();
assertThatIllegalArgumentException().isThrownBy(() -> this.logoutRequestRepository.saveLogoutRequest(logoutRequest, null, new MockHttpServletResponse()));
}
use of org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest in project spring-security by spring-projects.
the class HttpSessionLogoutRequestRepositoryTests method saveLogoutRequestWhenStateNullThenThrowIllegalArgumentException.
@Test
public void saveLogoutRequestWhenStateNullThenThrowIllegalArgumentException() {
Saml2LogoutRequest logoutRequest = createLogoutRequest().relayState(null).build();
assertThatIllegalArgumentException().isThrownBy(() -> this.logoutRequestRepository.saveLogoutRequest(logoutRequest, new MockHttpServletRequest(), new MockHttpServletResponse()));
}
Aggregations