
Example 46 with RelyingPartyRegistration

Use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

From the class DefaultRelyingPartyRegistrationResolverTests, method resolveWhenRequestIsMissingRegistrationIdThenNull.

@Test
public void resolveWhenRequestIsMissingRegistrationIdThenNull() {
    MockHttpServletRequest request = new MockHttpServletRequest();
    RelyingPartyRegistration registration = this.resolver.convert(request);
    assertThat(registration).isNull();
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Test(org.junit.jupiter.api.Test)

Example 47 with RelyingPartyRegistration

Use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

From the class Saml2MetadataFilterTests, method doFilterWhenSetMetadataFilenameThenUses.

@Test
public void doFilterWhenSetMetadataFilenameThenUses() throws Exception {
    RelyingPartyRegistration validRegistration = TestRelyingPartyRegistrations.full().build();
    String testMetadataFilename = "test-{registrationId}-metadata.xml";
    String fileName = testMetadataFilename.replace("{registrationId}", validRegistration.getRegistrationId());
    String encodedFileName = URLEncoder.encode(fileName, StandardCharsets.UTF_8.name());
    String generatedMetadata = "<xml>test</xml>";
    this.request.setPathInfo("/saml2/service-provider-metadata/registration-id");
    given(this.resolver.resolve(validRegistration)).willReturn(generatedMetadata);
    this.filter = new Saml2MetadataFilter((request) -> validRegistration, this.resolver);
    this.filter.setMetadataFilename(testMetadataFilename);
    this.filter.doFilter(this.request, this.response, this.chain);
    assertThat(this.response.getHeaderValue(HttpHeaders.CONTENT_DISPOSITION)).asString().isEqualTo("attachment; filename=\"%s\"; filename*=UTF-8''%s", fileName, encodedFileName);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) Saml2MetadataResolver(org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResolver) MockFilterChain(org.springframework.mock.web.MockFilterChain) HttpHeaders(org.springframework.http.HttpHeaders) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) FilterChain(jakarta.servlet.FilterChain) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TestSaml2X509Credentials(org.springframework.security.saml2.core.TestSaml2X509Credentials) StandardCharsets(java.nio.charset.StandardCharsets) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Mockito.verify(org.mockito.Mockito.verify) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) Test(org.junit.jupiter.api.Test) URLEncoder(java.net.URLEncoder) BDDMockito.given(org.mockito.BDDMockito.given) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Mockito.mock(org.mockito.Mockito.mock)

Example 48 with RelyingPartyRegistration

Use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

From the class Saml2MetadataFilterTests, method doFilterWhenPathStartsWithRegistrationIdThenServesMetadata.

@Test
public void doFilterWhenPathStartsWithRegistrationIdThenServesMetadata() throws Exception {
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().build();
    given(this.repository.findByRegistrationId("registration-id")).willReturn(registration);
    given(this.resolver.resolve(any())).willReturn("metadata");
    RelyingPartyRegistrationResolver resolver = new DefaultRelyingPartyRegistrationResolver((id) -> this.repository.findByRegistrationId("registration-id"));
    this.filter = new Saml2MetadataFilter(resolver, this.resolver);
    this.filter.setRequestMatcher(new AntPathRequestMatcher("/metadata"));
    this.request.setPathInfo("/metadata");
    this.filter.doFilter(this.request, this.response, new MockFilterChain());
    verify(this.repository).findByRegistrationId("registration-id");
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) MockFilterChain(org.springframework.mock.web.MockFilterChain) Test(org.junit.jupiter.api.Test)

Example 49 with RelyingPartyRegistration

Use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

From the class OpenSamlDecryptionUtils, method decryptResponseElements.

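static void decryptResponseElements(Response response, RelyingPartyRegistration registration) {
    // Build a Decrypter from the relying party's decryption credentials.
    Decrypter decrypter = decrypter(registration);
    for (EncryptedAssertion encryptedAssertion : response.getEncryptedAssertions()) {
        try {
            // Each decrypted assertion is appended to the response's plain assertion list.
            Assertion assertion = decrypter.decrypt(encryptedAssertion);
            response.getAssertions().add(assertion);
        } catch (Exception ex) {
            // Any decryption failure aborts processing of the whole response.
            throw new Saml2Exception(ex);
        }
    }
}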
Also used : EncryptedAssertion(org.opensaml.saml.saml2.core.EncryptedAssertion) Assertion(org.opensaml.saml.saml2.core.Assertion) Decrypter(org.opensaml.saml.saml2.encryption.Decrypter) Saml2Exception(org.springframework.security.saml2.Saml2Exception)

Example 50 with RelyingPartyRegistration

Use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

From the class OpenSamlDecryptionUtils, method decrypter.

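private static Decrypter decrypter(RelyingPartyRegistration registration) {
    // Wrap each configured decryption certificate and private key as an OpenSAML Credential.
    Collection<Credential> credentials = new ArrayList<>();
    for (Saml2X509Credential key : registration.getDecryptionX509Credentials()) {
        Credential cred = CredentialSupport.getSimpleCredential(key.getCertificate(), key.getPrivateKey());
        credentials.add(cred);
    }
    KeyInfoCredentialResolver resolver = new CollectionKeyInfoCredentialResolver(credentials);
    // No data-encryption-key resolver (null): the credentials act as key-encryption keys.
    // encryptedKeyResolver is defined elsewhere in the class and is not shown on this page.
    Decrypter decrypter = new Decrypter(null, resolver, encryptedKeyResolver);
    // Place each decrypted element at the root of a new DOM document.
    decrypter.setRootInNewDocument(true);
    return decrypter;
}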
Also used : Credential(org.opensaml.security.credential.Credential) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) ArrayList(java.util.ArrayList) Decrypter(org.opensaml.saml.saml2.encryption.Decrypter) CollectionKeyInfoCredentialResolver(org.opensaml.xmlsec.keyinfo.impl.CollectionKeyInfoCredentialResolver) KeyInfoCredentialResolver(org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver)
