Examples with RelyingPartyRegistration org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration used on opensource projects

Search in sources :

Example 6 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class OpenSamlLogoutResponseValidatorTests method handleWhenMismatchedDestinationThenInvalidDestinationError.

@Test
public void handleWhenMismatchedDestinationThenInvalidDestinationError() {
    RelyingPartyRegistration registration = registration().build();
    Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration).id("id").build();
    LogoutResponse logoutResponse = TestOpenSamlObjects.assertingPartyLogoutResponse(registration);
    logoutResponse.setDestination("wrong");
    sign(logoutResponse, registration);
    Saml2LogoutResponse response = post(logoutResponse, registration);
    Saml2LogoutResponseValidatorParameters parameters = new Saml2LogoutResponseValidatorParameters(response, logoutRequest, registration);
    Saml2LogoutValidatorResult result = this.manager.validate(parameters);
    assertThat(result.hasErrors()).isTrue();
    assertThat(result.getErrors().iterator().next().getErrorCode()).isEqualTo(Saml2ErrorCodes.INVALID_DESTINATION);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse) Test(org.junit.jupiter.api.Test)

Example 7 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class OpenSaml3LogoutRequestResolverTests method resolveWhenCustomParametersConsumerThenUses.

@Test
public void resolveWhenCustomParametersConsumerThenUses() {
    OpenSaml3LogoutRequestResolver logoutRequestResolver = new OpenSaml3LogoutRequestResolver(this.relyingPartyRegistrationResolver);
    logoutRequestResolver.setParametersConsumer((parameters) -> parameters.getLogoutRequest().setID("myid"));
    HttpServletRequest request = new MockHttpServletRequest();
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.relyingPartyRegistration().assertingPartyDetails((party) -> party.singleLogoutServiceLocation("https://ap.example.com/logout")).build();
    Authentication authentication = new TestingAuthenticationToken("user", "password");
    given(this.relyingPartyRegistrationResolver.resolve(any(), any())).willReturn(registration);
    Saml2LogoutRequest logoutRequest = logoutRequestResolver.resolve(request, authentication);
    assertThat(logoutRequest.getId()).isEqualTo("myid");
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Test(org.junit.jupiter.api.Test) BDDMockito.given(org.mockito.BDDMockito.given) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) Authentication(org.springframework.security.core.Authentication) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) Mockito.mock(org.mockito.Mockito.mock) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Authentication(org.springframework.security.core.Authentication) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 8 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class OpenSaml4AuthenticationProvider method createDefaultAssertionSignatureValidator.

private Converter<AssertionToken, Saml2ResponseValidatorResult> createDefaultAssertionSignatureValidator() {
    return createAssertionValidator(Saml2ErrorCodes.INVALID_SIGNATURE, (assertionToken) -> {
        RelyingPartyRegistration registration = assertionToken.getToken().getRelyingPartyRegistration();
        SignatureTrustEngine engine = OpenSamlVerificationUtils.trustEngine(registration);
        return SAML20AssertionValidators.createSignatureValidator(engine);
    }, (assertionToken) -> new ValidationContext(Collections.singletonMap(SAML2AssertionValidationParameters.SIGNATURE_REQUIRED, false)));
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) SignatureTrustEngine(org.opensaml.xmlsec.signature.support.SignatureTrustEngine) ValidationContext(org.opensaml.saml.common.assertion.ValidationContext)

Example 9 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class OpenSaml4AuthenticationProvider method createValidationContext.

private static ValidationContext createValidationContext(AssertionToken assertionToken, Consumer<Map<String, Object>> paramsConsumer) {
    RelyingPartyRegistration relyingPartyRegistration = assertionToken.token.getRelyingPartyRegistration();
    String audience = relyingPartyRegistration.getEntityId();
    String recipient = relyingPartyRegistration.getAssertionConsumerServiceLocation();
    String assertingPartyEntityId = relyingPartyRegistration.getAssertingPartyDetails().getEntityId();
    Map<String, Object> params = new HashMap<>();
    params.put(SAML2AssertionValidationParameters.COND_VALID_AUDIENCES, Collections.singleton(audience));
    params.put(SAML2AssertionValidationParameters.SC_VALID_RECIPIENTS, Collections.singleton(recipient));
    params.put(SAML2AssertionValidationParameters.VALID_ISSUERS, Collections.singleton(assertingPartyEntityId));
    paramsConsumer.accept(params);
    return new ValidationContext(params);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) XMLObject(org.opensaml.core.xml.XMLObject) XSString(org.opensaml.core.xml.schema.XSString) ValidationContext(org.opensaml.saml.common.assertion.ValidationContext)

Example 10 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class OpenSamlLogoutRequestValidatorTests method handleWhenNameIdIsEncryptedIdPostThenValidates.

@Test
public void handleWhenNameIdIsEncryptedIdPostThenValidates() {
    RelyingPartyRegistration registration = decrypting(encrypting(registration())).build();
    LogoutRequest logoutRequest = TestOpenSamlObjects.assertingPartyLogoutRequestNameIdInEncryptedId(registration);
    sign(logoutRequest, registration);
    Saml2LogoutRequest request = post(logoutRequest, registration);
    Saml2LogoutRequestValidatorParameters parameters = new Saml2LogoutRequestValidatorParameters(request, registration, authentication(registration));
    Saml2LogoutValidatorResult result = this.manager.validate(parameters);
    assertThat(result.hasErrors()).withFailMessage(() -> result.getErrors().toString()).isFalse();
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) LogoutRequest(org.opensaml.saml.saml2.core.LogoutRequest) Test(org.junit.jupiter.api.Test)

Aggregations

RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)92 Test (org.junit.jupiter.api.Test)64 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)41 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)36 TestRelyingPartyRegistrations (org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)36 Saml2MessageBinding (org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)34 BDDMockito.given (org.mockito.BDDMockito.given)28 Saml2X509Credential (org.springframework.security.saml2.core.Saml2X509Credential)27 Authentication (org.springframework.security.core.Authentication)26 StandardCharsets (java.nio.charset.StandardCharsets)24 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)24 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)23 BeforeEach (org.junit.jupiter.api.BeforeEach)22 Mockito.mock (org.mockito.Mockito.mock)22 LogoutRequest (org.opensaml.saml.saml2.core.LogoutRequest)22 Saml2Exception (org.springframework.security.saml2.Saml2Exception)22 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)21 Mockito.verify (org.mockito.Mockito.verify)19 MockFilterChain (org.springframework.mock.web.MockFilterChain)19 Saml2Authentication (org.springframework.security.saml2.provider.service.authentication.Saml2Authentication)19
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial