Examples with Saml2LogoutRequest org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest used on opensource projects

Search in sources :

Example 36 with Saml2LogoutRequest

use of org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest in project spring-security by spring-projects.

the class Saml2LogoutResponseFilterTests method doFilterWhenNoRelyingPartyLogoutThen401.

@Test
public void doFilterWhenNoRelyingPartyLogoutThen401() throws Exception {
    Authentication authentication = new TestingAuthenticationToken("user", "password");
    SecurityContextHolder.getContext().setAuthentication(authentication);
    MockHttpServletRequest request = new MockHttpServletRequest("POST", "/logout/saml2/slo");
    request.setServletPath("/logout/saml2/slo");
    request.setParameter(Saml2ParameterNames.SAML_RESPONSE, "response");
    MockHttpServletResponse response = new MockHttpServletResponse();
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().singleLogoutServiceLocation(null).singleLogoutServiceResponseLocation(null).build();
    given(this.relyingPartyRegistrationResolver.resolve(any(), any())).willReturn(registration);
    Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration).samlRequest("request").build();
    given(this.logoutRequestRepository.removeLogoutRequest(request, response)).willReturn(logoutRequest);
    this.logoutResponseProcessingFilter.doFilterInternal(request, response, new MockFilterChain());
    assertThat(response.getStatus()).isEqualTo(401);
    verifyNoInteractions(this.logoutSuccessHandler);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Authentication(org.springframework.security.core.Authentication) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) MockFilterChain(org.springframework.mock.web.MockFilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 37 with Saml2LogoutRequest

use of org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest in project spring-security by spring-projects.

the class Saml2LogoutResponseFilterTests method doFilterWhenValidatorFailsThenStops.

@Test
public void doFilterWhenValidatorFailsThenStops() throws Exception {
    Authentication authentication = new TestingAuthenticationToken("user", "password");
    SecurityContextHolder.getContext().setAuthentication(authentication);
    MockHttpServletRequest request = new MockHttpServletRequest("POST", "/logout/saml2/slo");
    request.setServletPath("/logout/saml2/slo");
    request.setParameter(Saml2ParameterNames.SAML_RESPONSE, "response");
    MockHttpServletResponse response = new MockHttpServletResponse();
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().build();
    given(this.relyingPartyRegistrationResolver.resolve(request, "registration-id")).willReturn(registration);
    Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration).samlRequest("request").build();
    given(this.logoutRequestRepository.removeLogoutRequest(request, response)).willReturn(logoutRequest);
    given(this.logoutResponseValidator.validate(any())).willReturn(Saml2LogoutValidatorResult.withErrors(new Saml2Error("error", "description")).build());
    this.logoutResponseProcessingFilter.doFilterInternal(request, response, new MockFilterChain());
    verify(this.logoutResponseValidator).validate(any());
    verifyNoInteractions(this.logoutSuccessHandler);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2Error(org.springframework.security.saml2.core.Saml2Error) Authentication(org.springframework.security.core.Authentication) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) MockFilterChain(org.springframework.mock.web.MockFilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 38 with Saml2LogoutRequest

use of org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest in project spring-security by spring-projects.

the class HttpSessionLogoutRequestRepositoryTests method loadLogoutRequestWhenMultipleSavedThenReplacesLogoutRequest.

@Test
public void loadLogoutRequestWhenMultipleSavedThenReplacesLogoutRequest() {
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    Saml2LogoutRequest one = createLogoutRequest().relayState("state-1122").build();
    this.logoutRequestRepository.saveLogoutRequest(one, request, response);
    Saml2LogoutRequest two = createLogoutRequest().relayState("state-3344").build();
    this.logoutRequestRepository.saveLogoutRequest(two, request, response);
    request.setParameter(Saml2ParameterNames.RELAY_STATE, one.getRelayState());
    assertThat(this.logoutRequestRepository.loadLogoutRequest(request)).isNull();
    request.setParameter(Saml2ParameterNames.RELAY_STATE, two.getRelayState());
    assertThat(this.logoutRequestRepository.loadLogoutRequest(request)).isEqualTo(two);
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 39 with Saml2LogoutRequest

use of org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest in project spring-security by spring-projects.

the class HttpSessionLogoutRequestRepositoryTests method removeLogoutRequestWhenSavedThenRemovedFromSession.

// gh-5263
@Test
public void removeLogoutRequestWhenSavedThenRemovedFromSession() {
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    Saml2LogoutRequest logoutRequest = createLogoutRequest().build();
    this.logoutRequestRepository.saveLogoutRequest(logoutRequest, request, response);
    request.addParameter(Saml2ParameterNames.RELAY_STATE, logoutRequest.getRelayState());
    Saml2LogoutRequest removedLogoutRequest = this.logoutRequestRepository.removeLogoutRequest(request, response);
    String sessionAttributeName = HttpSessionLogoutRequestRepository.class.getName() + ".AUTHORIZATION_REQUEST";
    assertThat(removedLogoutRequest).isNotNull();
    assertThat(request.getSession().getAttribute(sessionAttributeName)).isNull();
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 40 with Saml2LogoutRequest

use of org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest in project spring-security by spring-projects.

the class HttpSessionLogoutRequestRepositoryTests method removeLogoutRequestWhenSavedThenRemoved.

@Test
public void removeLogoutRequestWhenSavedThenRemoved() {
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    Saml2LogoutRequest logoutRequest = createLogoutRequest().build();
    this.logoutRequestRepository.saveLogoutRequest(logoutRequest, request, response);
    request.addParameter(Saml2ParameterNames.RELAY_STATE, logoutRequest.getRelayState());
    Saml2LogoutRequest removedLogoutRequest = this.logoutRequestRepository.removeLogoutRequest(request, response);
    Saml2LogoutRequest loadedLogoutRequest = this.logoutRequestRepository.loadLogoutRequest(request);
    assertThat(removedLogoutRequest).isNotNull();
    assertThat(loadedLogoutRequest).isNull();
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Aggregations

Test (org.junit.jupiter.api.Test)40 Saml2LogoutRequest (org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest)34 RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)31 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)27 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)22 LogoutRequest (org.opensaml.saml.saml2.core.LogoutRequest)15 Authentication (org.springframework.security.core.Authentication)12 Saml2MessageBinding (org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)12 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)10 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)10 Saml2Authentication (org.springframework.security.saml2.provider.service.authentication.Saml2Authentication)10 TestRelyingPartyRegistrations (org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)10 StandardCharsets (java.nio.charset.StandardCharsets)9 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)8 BDDMockito.given (org.mockito.BDDMockito.given)8 Saml2ParameterNames (org.springframework.security.saml2.core.Saml2ParameterNames)7 DefaultSaml2AuthenticatedPrincipal (org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal)7 HttpServletRequest (jakarta.servlet.http.HttpServletRequest)6 AfterEach (org.junit.jupiter.api.AfterEach)5 BeforeEach (org.junit.jupiter.api.BeforeEach)5
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial