Example 6 with Saml2LogoutResponseValidatorParameters
use of org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidatorParameters in project spring-security by spring-projects.
the class OpenSamlLogoutResponseValidatorTests method handleWhenRedirectBindingThenValidatesSignatureParameter.
@Test
public void handleWhenRedirectBindingThenValidatesSignatureParameter() {
RelyingPartyRegistration registration = signing(verifying(registration())).assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT)).build();
Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration).id("id").build();
LogoutResponse logoutResponse = TestOpenSamlObjects.assertingPartyLogoutResponse(registration);
Saml2LogoutResponse response = redirect(logoutResponse, registration, OpenSamlSigningUtils.sign(registration));
Saml2LogoutResponseValidatorParameters parameters = new Saml2LogoutResponseValidatorParameters(response, logoutRequest, registration);
this.manager.validate(parameters);
}
Also used :
RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)
Saml2ErrorCodes(org.springframework.security.saml2.core.Saml2ErrorCodes)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse)
QueryParametersPartial(org.springframework.security.saml2.provider.service.authentication.logout.OpenSamlSigningUtils.QueryParametersPartial)
TestSaml2X509Credentials(org.springframework.security.saml2.core.TestSaml2X509Credentials)
StandardCharsets(java.nio.charset.StandardCharsets)
RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)
Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)
Test(org.junit.jupiter.api.Test)
TestOpenSamlObjects(org.springframework.security.saml2.provider.service.authentication.TestOpenSamlObjects)
StatusCode(org.opensaml.saml.saml2.core.StatusCode)
Saml2ParameterNames(org.springframework.security.saml2.core.Saml2ParameterNames)
Map(java.util.Map)
XMLObject(org.opensaml.core.xml.XMLObject)
TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)
LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse)
Test(org.junit.jupiter.api.Test)
Example 7 with Saml2LogoutResponseValidatorParameters
use of org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidatorParameters in project spring-security by spring-projects.
the class OpenSamlLogoutResponseValidatorTests method handleWhenInvalidIssuerThenInvalidSignatureError.
@Test
public void handleWhenInvalidIssuerThenInvalidSignatureError() {
RelyingPartyRegistration registration = registration().build();
Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration).id("id").build();
LogoutResponse logoutResponse = TestOpenSamlObjects.assertingPartyLogoutResponse(registration);
logoutResponse.getIssuer().setValue("wrong");
sign(logoutResponse, registration);
Saml2LogoutResponse response = post(logoutResponse, registration);
Saml2LogoutResponseValidatorParameters parameters = new Saml2LogoutResponseValidatorParameters(response, logoutRequest, registration);
Saml2LogoutValidatorResult result = this.manager.validate(parameters);
assertThat(result.hasErrors()).isTrue();
assertThat(result.getErrors().iterator().next().getErrorCode()).isEqualTo(Saml2ErrorCodes.INVALID_SIGNATURE);
}
Also used :
RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)
LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse)
Test(org.junit.jupiter.api.Test)
Aggregations
RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)7
LogoutResponse (org.opensaml.saml.saml2.core.LogoutResponse)6
Test (org.junit.jupiter.api.Test)5
Saml2ErrorCodes (org.springframework.security.saml2.core.Saml2ErrorCodes)2
Saml2ParameterNames (org.springframework.security.saml2.core.Saml2ParameterNames)2
Saml2MessageBinding (org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)2
FilterChain (jakarta.servlet.FilterChain)1
ServletException (jakarta.servlet.ServletException)1
HttpServletRequest (jakarta.servlet.http.HttpServletRequest)1
HttpServletResponse (jakarta.servlet.http.HttpServletResponse)1
IOException (java.io.IOException)1
StandardCharsets (java.nio.charset.StandardCharsets)1
Map (java.util.Map)1
Log (org.apache.commons.logging.Log)1
LogFactory (org.apache.commons.logging.LogFactory)1
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)1
XMLObject (org.opensaml.core.xml.XMLObject)1
StatusCode (org.opensaml.saml.saml2.core.StatusCode)1
LogMessage (org.springframework.core.log.LogMessage)1
Saml2Error (org.springframework.security.saml2.core.Saml2Error)1
