Example 66 with RelyingPartyRegistration

Use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

The class OpenSamlSigningUtils, method resolveSigningParameters.

private static SignatureSigningParameters resolveSigningParameters(RelyingPartyRegistration relyingPartyRegistration) {
    // Signing credentials are built from the relying party's configured X.509 key pairs
    List<Credential> credentials = resolveSigningCredentials(relyingPartyRegistration);
    // Signature algorithms are those configured for the asserting party, so it can verify what is sent
    List<String> algorithms = relyingPartyRegistration.getAssertingPartyDetails().getSigningAlgorithms();
    // Only SHA-256 is offered as the reference digest
    List<String> digests = Collections.singletonList(SignatureConstants.ALGO_ID_DIGEST_SHA256);
    // Exclusive C14N without comments keeps the signed byte stream stable when the XML is re-serialized
    String canonicalization = SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
    SignatureSigningParametersResolver resolver = new SAMLMetadataSignatureSigningParametersResolver();
    CriteriaSet criteria = new CriteriaSet();
    BasicSignatureSigningConfiguration signingConfiguration = new BasicSignatureSigningConfiguration();
    signingConfiguration.setSigningCredentials(credentials);
    signingConfiguration.setSignatureAlgorithms(algorithms);
    signingConfiguration.setSignatureReferenceDigestMethods(digests);
    signingConfiguration.setSignatureCanonicalizationAlgorithm(canonicalization);
    // Controls which KeyInfo (e.g. the X.509 certificate) is embedded in the Signature element
    signingConfiguration.setKeyInfoGeneratorManager(buildSignatureKeyInfoGeneratorManager());
    criteria.add(new SignatureSigningConfigurationCriterion(signingConfiguration));
    try {
        // The resolver picks a credential/algorithm pairing that satisfies the configuration above
        SignatureSigningParameters parameters = resolver.resolveSingle(criteria);
        Assert.notNull(parameters, "Failed to resolve any signing credential");
        return parameters;
    } catch (Exception ex) {
        // Resolution failure is surfaced as a Saml2Exception rather than signing with a fallback
        throw new Saml2Exception(ex);
    }
}

Example 67 with RelyingPartyRegistration

Use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

The class Saml2AuthenticationTokenConverter, method convert.

@Override
public Saml2AuthenticationToken convert(HttpServletRequest request) {
    // Resolve which relying party this request targets; an unknown registration yields no token
    RelyingPartyRegistration relyingPartyRegistration = this.relyingPartyRegistrationResolver.convert(request);
    if (relyingPartyRegistration == null) {
        return null;
    }
    // The SAMLResponse parameter is mandatory; without it there is nothing to authenticate
    String saml2Response = request.getParameter(Saml2ParameterNames.SAML_RESPONSE);
    if (saml2Response == null) {
        return null;
    }
    // Base64-decode, then inflate only when the binding requires it (the Redirect binding deflates the payload)
    byte[] b = samlDecode(saml2Response);
    saml2Response = inflateIfRequired(request, b);
    // Attach the stored AuthnRequest, if any, so the response can later be correlated with it
    AbstractSaml2AuthenticationRequest authenticationRequest = loadAuthenticationRequest(request);
    // The token is unauthenticated at this point; signature and assertion validation happen in the provider
    return new Saml2AuthenticationToken(relyingPartyRegistration, saml2Response, authenticationRequest);
}

Example 68 with RelyingPartyRegistration

Use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

The class OpenSamlSigningUtils, method resolveSigningParameters (variant without a KeyInfo generator manager).

private static SignatureSigningParameters resolveSigningParameters(RelyingPartyRegistration relyingPartyRegistration) {
    List<Credential> credentials = resolveSigningCredentials(relyingPartyRegistration);
    List<String> algorithms = relyingPartyRegistration.getAssertingPartyDetails().getSigningAlgorithms();
    List<String> digests = Collections.singletonList(SignatureConstants.ALGO_ID_DIGEST_SHA256);
    String canonicalization = SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
    SignatureSigningParametersResolver resolver = new SAMLMetadataSignatureSigningParametersResolver();
    CriteriaSet criteria = new CriteriaSet();
    BasicSignatureSigningConfiguration signingConfiguration = new BasicSignatureSigningConfiguration();
    signingConfiguration.setSigningCredentials(credentials);
    signingConfiguration.setSignatureAlgorithms(algorithms);
    signingConfiguration.setSignatureReferenceDigestMethods(digests);
    signingConfiguration.setSignatureCanonicalizationAlgorithm(canonicalization);
    criteria.add(new SignatureSigningConfigurationCriterion(signingConfiguration));
    try {
        SignatureSigningParameters parameters = resolver.resolveSingle(criteria);
        Assert.notNull(parameters, "Failed to resolve any signing credential");
        return parameters;
    } catch (Exception ex) {
        throw new Saml2Exception(ex);
    }
}

Example 69 with RelyingPartyRegistration

Use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

The class OpenSamlSigningUtils, method resolveSigningCredentials.

private static List<Credential> resolveSigningCredentials(RelyingPartyRegistration relyingPartyRegistration) {
    List<Credential> credentials = new ArrayList<>();
    // Only credentials registered for signing are considered; decryption credentials are kept separate
    for (Saml2X509Credential x509Credential : relyingPartyRegistration.getSigningX509Credentials()) {
        X509Certificate certificate = x509Credential.getCertificate();
        PrivateKey privateKey = x509Credential.getPrivateKey();
        // Wrap the Spring Security credential in the OpenSAML credential type the signing resolver expects
        BasicCredential credential = CredentialSupport.getSimpleCredential(certificate, privateKey);
        // Tag the credential with the relying party's entityID and restrict its usage to signing
        credential.setEntityId(relyingPartyRegistration.getEntityId());
        credential.setUsageType(UsageType.SIGNING);
        credentials.add(credential);
    }
    return credentials;
}

Example 70 with RelyingPartyRegistration

Use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

The class OpenSamlAuthenticationRequestFactoryTests, method createPostAuthenticationRequestWhenAssertionConsumerServiceBindingThenUses.

@Test
public void createPostAuthenticationRequestWhenAssertionConsumerServiceBindingThenUses() {
    // Configure the relying party's ACS binding as Redirect and build a request context for it
    RelyingPartyRegistration relyingPartyRegistration = this.relyingPartyRegistrationBuilder.assertionConsumerServiceBinding(Saml2MessageBinding.REDIRECT).build();
    Saml2AuthenticationRequestContext context = this.contextBuilder.relyingPartyRegistration(relyingPartyRegistration).build();
    Saml2PostAuthenticationRequest request = this.factory.createPostAuthenticationRequest(context);
    // The POST binding Base64-encodes the AuthnRequest without deflating it, so decoding is enough to inspect it
    String samlRequest = request.getSamlRequest();
    String inflated = new String(Saml2Utils.samlDecode(samlRequest));
    // The ProtocolBinding attribute must reflect the configured ACS binding, not the request's own binding
    assertThat(inflated).contains("ProtocolBinding=\"" + SAMLConstants.SAML2_REDIRECT_BINDING_URI + "\"");
}