Examples with AssertingPartyDetails org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails used on opensource projects

Search in sources :

Example 1 with AssertingPartyDetails

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails in project spring-security by spring-projects.

the class Saml2LoginConfigurerTests method authenticateWhenCustomLoginProcessingUrlAndCustomAuthenticationConverterThenAuthenticate.

@Test
public void authenticateWhenCustomLoginProcessingUrlAndCustomAuthenticationConverterThenAuthenticate() throws Exception {
    this.spring.register(CustomLoginProcessingUrlCustomAuthenticationConverter.class).autowire();
    RelyingPartyRegistration relyingPartyRegistration = TestRelyingPartyRegistrations.noCredentials().assertingPartyDetails((party) -> party.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential()))).build();
    String response = new String(Saml2Utils.samlDecode(SIGNED_RESPONSE));
    given(AUTHENTICATION_CONVERTER.convert(any(HttpServletRequest.class))).willReturn(new Saml2AuthenticationToken(relyingPartyRegistration, response));
    // @formatter:off
    MockHttpServletRequestBuilder request = post("/my/custom/url").param("SAMLResponse", SIGNED_RESPONSE);
    // @formatter:on
    this.mvc.perform(request).andExpect(redirectedUrl("/"));
    verify(AUTHENTICATION_CONVERTER).convert(any(HttpServletRequest.class));
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2AuthenticationRequestRepository(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository) BeforeEach(org.junit.jupiter.api.BeforeEach) UriComponentsBuilder(org.springframework.web.util.UriComponentsBuilder) URLDecoder(java.net.URLDecoder) FilterChainProxy(org.springframework.security.web.FilterChainProxy) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Saml2AuthenticationRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) Autowired(org.springframework.beans.factory.annotation.Autowired) AuthenticationProvider(org.springframework.security.authentication.AuthenticationProvider) ObjectPostProcessor(org.springframework.security.config.annotation.ObjectPostProcessor) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) HttpSessionSecurityContextRepository(org.springframework.security.web.context.HttpSessionSecurityContextRepository) ServletException(jakarta.servlet.ServletException) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) WebSecurityConfigurerAdapter(org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) BDDMockito.given(org.mockito.BDDMockito.given) Duration(java.time.Duration) ConfigurableApplicationContext(org.springframework.context.ConfigurableApplicationContext) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) OpenSamlAuthenticationProvider(org.springframework.security.saml2.provider.service.authentication.OpenSamlAuthenticationProvider) AuthenticationException(org.springframework.security.core.AuthenticationException) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) OpenSaml4AuthenticationRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver) Saml2Authentication(org.springframework.security.saml2.provider.service.authentication.Saml2Authentication) Collection(java.util.Collection) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockMvcResultMatchers.redirectedUrl(org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl) Instant(java.time.Instant) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Test(org.junit.jupiter.api.Test) Base64(java.util.Base64) Saml2AuthenticationException(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException) TestSaml2AuthenticationRequestContexts(org.springframework.security.saml2.provider.service.authentication.TestSaml2AuthenticationRequestContexts) Authentication(org.springframework.security.core.Authentication) Mockito.mock(org.mockito.Mockito.mock) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockFilterChain(org.springframework.mock.web.MockFilterChain) HttpRequestResponseHolder(org.springframework.security.web.context.HttpRequestResponseHolder) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) OpenSaml4AuthenticationProvider(org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) TestOpenSamlObjects(org.springframework.security.saml2.provider.service.authentication.TestOpenSamlObjects) MockMvc(org.springframework.test.web.servlet.MockMvc) ArgumentCaptor(org.mockito.ArgumentCaptor) Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver) MockMvcResultMatchers.status(org.springframework.test.web.servlet.result.MockMvcResultMatchers.status) BeanCreationException(org.springframework.beans.factory.BeanCreationException) MockMvcRequestBuilders.post(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post) AbstractSaml2AuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest) MvcResult(org.springframework.test.web.servlet.MvcResult) Assertion(org.opensaml.saml.saml2.core.Assertion) OpenSaml4AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationRequestFactory) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) Converter(org.springframework.core.convert.converter.Converter) Saml2ErrorCodes(org.springframework.security.saml2.core.Saml2ErrorCodes) Saml2WebSsoAuthenticationFilter(org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter) Saml2AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory) Saml2AuthenticationToken(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException) Saml2Utils(org.springframework.security.saml2.core.Saml2Utils) Customizer(org.springframework.security.config.Customizer) Import(org.springframework.context.annotation.Import) ProviderManager(org.springframework.security.authentication.ProviderManager) Saml2AuthenticationTokenConverter(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter) ReflectionTestUtils(org.springframework.test.util.ReflectionTestUtils) IOException(java.io.IOException) TestSaml2X509Credentials(org.springframework.security.saml2.core.TestSaml2X509Credentials) SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) Mockito.verify(org.mockito.Mockito.verify) AfterEach(org.junit.jupiter.api.AfterEach) GrantedAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper) EnableWebSecurity(org.springframework.security.config.annotation.web.configuration.EnableWebSecurity) SpringTestContext(org.springframework.security.config.test.SpringTestContext) Assertions(org.junit.jupiter.api.Assertions) AuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter) MockMvcRequestBuilders.get(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get) SpringTestContextExtension(org.springframework.security.config.test.SpringTestContextExtension) AuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler) SecurityContextRepository(org.springframework.security.web.context.SecurityContextRepository) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) Bean(org.springframework.context.annotation.Bean) Customizer.withDefaults(org.springframework.security.config.Customizer.withDefaults) Collections(java.util.Collections) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) UriComponents(org.springframework.web.util.UriComponents) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Saml2AuthenticationToken(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 2 with AssertingPartyDetails

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails in project spring-security by spring-projects.

the class Saml2LoginConfigurerTests method authenticateWhenCustomLoginProcessingUrlAndSaml2AuthenticationTokenConverterBeanThenAuthenticate.

@Test
public void authenticateWhenCustomLoginProcessingUrlAndSaml2AuthenticationTokenConverterBeanThenAuthenticate() throws Exception {
    this.spring.register(CustomLoginProcessingUrlSaml2AuthenticationTokenConverterBean.class).autowire();
    Saml2AuthenticationTokenConverter authenticationConverter = this.spring.getContext().getBean(Saml2AuthenticationTokenConverter.class);
    RelyingPartyRegistration relyingPartyRegistration = TestRelyingPartyRegistrations.noCredentials().assertingPartyDetails((party) -> party.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential()))).build();
    String response = new String(Saml2Utils.samlDecode(SIGNED_RESPONSE));
    given(authenticationConverter.convert(any(HttpServletRequest.class))).willReturn(new Saml2AuthenticationToken(relyingPartyRegistration, response));
    // @formatter:off
    MockHttpServletRequestBuilder request = post("/my/custom/url").param("SAMLResponse", SIGNED_RESPONSE);
    // @formatter:on
    this.mvc.perform(request).andExpect(redirectedUrl("/"));
    verify(authenticationConverter).convert(any(HttpServletRequest.class));
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2AuthenticationRequestRepository(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository) BeforeEach(org.junit.jupiter.api.BeforeEach) UriComponentsBuilder(org.springframework.web.util.UriComponentsBuilder) URLDecoder(java.net.URLDecoder) FilterChainProxy(org.springframework.security.web.FilterChainProxy) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Saml2AuthenticationRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) Autowired(org.springframework.beans.factory.annotation.Autowired) AuthenticationProvider(org.springframework.security.authentication.AuthenticationProvider) ObjectPostProcessor(org.springframework.security.config.annotation.ObjectPostProcessor) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) HttpSessionSecurityContextRepository(org.springframework.security.web.context.HttpSessionSecurityContextRepository) ServletException(jakarta.servlet.ServletException) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) WebSecurityConfigurerAdapter(org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) BDDMockito.given(org.mockito.BDDMockito.given) Duration(java.time.Duration) ConfigurableApplicationContext(org.springframework.context.ConfigurableApplicationContext) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) OpenSamlAuthenticationProvider(org.springframework.security.saml2.provider.service.authentication.OpenSamlAuthenticationProvider) AuthenticationException(org.springframework.security.core.AuthenticationException) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) OpenSaml4AuthenticationRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver) Saml2Authentication(org.springframework.security.saml2.provider.service.authentication.Saml2Authentication) Collection(java.util.Collection) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockMvcResultMatchers.redirectedUrl(org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl) Instant(java.time.Instant) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Test(org.junit.jupiter.api.Test) Base64(java.util.Base64) Saml2AuthenticationException(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException) TestSaml2AuthenticationRequestContexts(org.springframework.security.saml2.provider.service.authentication.TestSaml2AuthenticationRequestContexts) Authentication(org.springframework.security.core.Authentication) Mockito.mock(org.mockito.Mockito.mock) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockFilterChain(org.springframework.mock.web.MockFilterChain) HttpRequestResponseHolder(org.springframework.security.web.context.HttpRequestResponseHolder) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) OpenSaml4AuthenticationProvider(org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) TestOpenSamlObjects(org.springframework.security.saml2.provider.service.authentication.TestOpenSamlObjects) MockMvc(org.springframework.test.web.servlet.MockMvc) ArgumentCaptor(org.mockito.ArgumentCaptor) Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver) MockMvcResultMatchers.status(org.springframework.test.web.servlet.result.MockMvcResultMatchers.status) BeanCreationException(org.springframework.beans.factory.BeanCreationException) MockMvcRequestBuilders.post(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post) AbstractSaml2AuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest) MvcResult(org.springframework.test.web.servlet.MvcResult) Assertion(org.opensaml.saml.saml2.core.Assertion) OpenSaml4AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationRequestFactory) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) Converter(org.springframework.core.convert.converter.Converter) Saml2ErrorCodes(org.springframework.security.saml2.core.Saml2ErrorCodes) Saml2WebSsoAuthenticationFilter(org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter) Saml2AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory) Saml2AuthenticationToken(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException) Saml2Utils(org.springframework.security.saml2.core.Saml2Utils) Customizer(org.springframework.security.config.Customizer) Import(org.springframework.context.annotation.Import) ProviderManager(org.springframework.security.authentication.ProviderManager) Saml2AuthenticationTokenConverter(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter) ReflectionTestUtils(org.springframework.test.util.ReflectionTestUtils) IOException(java.io.IOException) TestSaml2X509Credentials(org.springframework.security.saml2.core.TestSaml2X509Credentials) SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) Mockito.verify(org.mockito.Mockito.verify) AfterEach(org.junit.jupiter.api.AfterEach) GrantedAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper) EnableWebSecurity(org.springframework.security.config.annotation.web.configuration.EnableWebSecurity) SpringTestContext(org.springframework.security.config.test.SpringTestContext) Assertions(org.junit.jupiter.api.Assertions) AuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter) MockMvcRequestBuilders.get(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get) SpringTestContextExtension(org.springframework.security.config.test.SpringTestContextExtension) AuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler) SecurityContextRepository(org.springframework.security.web.context.SecurityContextRepository) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) Bean(org.springframework.context.annotation.Bean) Customizer.withDefaults(org.springframework.security.config.Customizer.withDefaults) Collections(java.util.Collections) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) UriComponents(org.springframework.web.util.UriComponents) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) Saml2AuthenticationTokenConverter(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Saml2AuthenticationToken(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 3 with AssertingPartyDetails

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails in project spring-security by spring-projects.

the class Saml2WebSsoAuthenticationRequestFilterTests method doFilterWhenPathStartsWithRegistrationIdThenPosts.

@Test
public void doFilterWhenPathStartsWithRegistrationIdThenPosts() throws Exception {
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().assertingPartyDetails((party) -> party.singleSignOnServiceBinding(Saml2MessageBinding.POST)).build();
    RequestMatcher matcher = new AntPathRequestMatcher("/{registrationId}/saml2/authenticate");
    DefaultRelyingPartyRegistrationResolver delegate = new DefaultRelyingPartyRegistrationResolver(this.repository);
    RelyingPartyRegistrationResolver resolver = (request, id) -> {
        String registrationId = matcher.matcher(request).getVariables().get("registrationId");
        return delegate.resolve(request, registrationId);
    };
    Saml2AuthenticationRequestContextResolver authenticationRequestContextResolver = new DefaultSaml2AuthenticationRequestContextResolver(resolver);
    Saml2PostAuthenticationRequest authenticationRequest = mock(Saml2PostAuthenticationRequest.class);
    given(authenticationRequest.getAuthenticationRequestUri()).willReturn("uri");
    given(authenticationRequest.getRelayState()).willReturn("relay");
    given(authenticationRequest.getSamlRequest()).willReturn("saml");
    given(this.repository.findByRegistrationId("registration-id")).willReturn(registration);
    given(this.factory.createPostAuthenticationRequest(any())).willReturn(authenticationRequest);
    this.filter = new Saml2WebSsoAuthenticationRequestFilter(authenticationRequestContextResolver, this.factory);
    this.filter.setRedirectMatcher(matcher);
    this.request.setPathInfo("/registration-id/saml2/authenticate");
    this.filter.doFilter(this.request, this.response, new MockFilterChain());
    verify(this.repository).findByRegistrationId("registration-id");
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2AuthenticationRequestRepository(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) MockFilterChain(org.springframework.mock.web.MockFilterChain) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Saml2AuthenticationRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver) DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver) ServletException(jakarta.servlet.ServletException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) HtmlUtils(org.springframework.web.util.HtmlUtils) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver) BDDMockito.given(org.mockito.BDDMockito.given) AbstractSaml2AuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest) Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) Saml2AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory) ServletRequest(jakarta.servlet.ServletRequest) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) IOException(java.io.IOException) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) StandardCharsets(java.nio.charset.StandardCharsets) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) TestSaml2X509Credentials(org.springframework.security.saml2.credentials.TestSaml2X509Credentials) ServletResponse(jakarta.servlet.ServletResponse) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) UriUtils(org.springframework.web.util.UriUtils) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) TestSaml2AuthenticationRequestContexts(org.springframework.security.saml2.provider.service.authentication.TestSaml2AuthenticationRequestContexts) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Mockito.mock(org.mockito.Mockito.mock) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver) Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) MockFilterChain(org.springframework.mock.web.MockFilterChain) DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver) Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver) Test(org.junit.jupiter.api.Test)

Example 4 with AssertingPartyDetails

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails in project spring-security by spring-projects.

the class OpenSaml3LogoutRequestResolverTests method resolveWhenCustomParametersConsumerThenUses.

@Test
public void resolveWhenCustomParametersConsumerThenUses() {
    OpenSaml3LogoutRequestResolver logoutRequestResolver = new OpenSaml3LogoutRequestResolver(this.relyingPartyRegistrationResolver);
    logoutRequestResolver.setParametersConsumer((parameters) -> parameters.getLogoutRequest().setID("myid"));
    HttpServletRequest request = new MockHttpServletRequest();
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.relyingPartyRegistration().assertingPartyDetails((party) -> party.singleLogoutServiceLocation("https://ap.example.com/logout")).build();
    Authentication authentication = new TestingAuthenticationToken("user", "password");
    given(this.relyingPartyRegistrationResolver.resolve(any(), any())).willReturn(registration);
    Saml2LogoutRequest logoutRequest = logoutRequestResolver.resolve(request, authentication);
    assertThat(logoutRequest.getId()).isEqualTo("myid");
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Test(org.junit.jupiter.api.Test) BDDMockito.given(org.mockito.BDDMockito.given) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) Authentication(org.springframework.security.core.Authentication) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) Mockito.mock(org.mockito.Mockito.mock) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Authentication(org.springframework.security.core.Authentication) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 5 with AssertingPartyDetails

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails in project spring-security by spring-projects.

the class OpenSaml4LogoutRequestResolverTests method resolveWhenCustomParametersConsumerThenUses.

@Test
public void resolveWhenCustomParametersConsumerThenUses() {
    OpenSaml4LogoutRequestResolver logoutRequestResolver = new OpenSaml4LogoutRequestResolver(this.relyingPartyRegistrationResolver);
    logoutRequestResolver.setParametersConsumer((parameters) -> parameters.getLogoutRequest().setID("myid"));
    HttpServletRequest request = new MockHttpServletRequest();
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.relyingPartyRegistration().assertingPartyDetails((party) -> party.singleLogoutServiceLocation("https://ap.example.com/logout")).build();
    Authentication authentication = new TestingAuthenticationToken("user", "password");
    given(this.relyingPartyRegistrationResolver.resolve(any(), any())).willReturn(registration);
    Saml2LogoutRequest logoutRequest = logoutRequestResolver.resolve(request, authentication);
    assertThat(logoutRequest.getId()).isEqualTo("myid");
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Test(org.junit.jupiter.api.Test) BDDMockito.given(org.mockito.BDDMockito.given) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) Authentication(org.springframework.security.core.Authentication) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) Mockito.mock(org.mockito.Mockito.mock) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Authentication(org.springframework.security.core.Authentication) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.jupiter.api.Test)

Aggregations

RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)24 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)22 TestRelyingPartyRegistrations (org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)22 Test (org.junit.jupiter.api.Test)21 BDDMockito.given (org.mockito.BDDMockito.given)18 Mockito.mock (org.mockito.Mockito.mock)16 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)15 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)14 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)14 Saml2MessageBinding (org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)14 Mockito.verify (org.mockito.Mockito.verify)13 Authentication (org.springframework.security.core.Authentication)12 RelyingPartyRegistrationResolver (org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver)12 BeforeEach (org.junit.jupiter.api.BeforeEach)11 StandardCharsets (java.nio.charset.StandardCharsets)10 TestSaml2X509Credentials (org.springframework.security.saml2.core.TestSaml2X509Credentials)9 Assertions (org.junit.jupiter.api.Assertions)8 AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)8 Converter (org.springframework.core.convert.converter.Converter)8 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)8
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial