Examples with RelyingPartyRegistration org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration used on opensource projects

Search in sources :

Example 96 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class Saml2WebSsoAuthenticationRequestFilterTests method doFilterWhenPostThenSaveRedirectRequest.

@Test
public void doFilterWhenPostThenSaveRedirectRequest() throws ServletException, IOException {
    RelyingPartyRegistration registration = this.rpBuilder.assertingPartyDetails((asserting) -> asserting.singleSignOnServiceBinding(Saml2MessageBinding.POST)).build();
    Saml2AuthenticationRequestContext context = authenticationRequestContext().relyingPartyRegistration(registration).build();
    Saml2PostAuthenticationRequest request = postAuthenticationRequest(context).build();
    given(this.resolver.resolve(any())).willReturn(context);
    given(this.factory.createPostAuthenticationRequest(any())).willReturn(request);
    this.filter.doFilterInternal(this.request, this.response, this.filterChain);
    verify(this.authenticationRequestRepository).saveAuthenticationRequest(any(Saml2PostAuthenticationRequest.class), eq(this.request), eq(this.response));
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2AuthenticationRequestRepository(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) MockFilterChain(org.springframework.mock.web.MockFilterChain) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Saml2AuthenticationRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver) DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver) ServletException(jakarta.servlet.ServletException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) HtmlUtils(org.springframework.web.util.HtmlUtils) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver) BDDMockito.given(org.mockito.BDDMockito.given) AbstractSaml2AuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest) Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) Saml2AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory) ServletRequest(jakarta.servlet.ServletRequest) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) IOException(java.io.IOException) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) StandardCharsets(java.nio.charset.StandardCharsets) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) TestSaml2X509Credentials(org.springframework.security.saml2.credentials.TestSaml2X509Credentials) ServletResponse(jakarta.servlet.ServletResponse) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) UriUtils(org.springframework.web.util.UriUtils) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) TestSaml2AuthenticationRequestContexts(org.springframework.security.saml2.provider.service.authentication.TestSaml2AuthenticationRequestContexts) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Mockito.mock(org.mockito.Mockito.mock) Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) Test(org.junit.jupiter.api.Test)

Example 97 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class Saml2WebSsoAuthenticationRequestFilterTests method doFilterWhenCustomAuthenticationRequestResolverThenUses.

@Test
public void doFilterWhenCustomAuthenticationRequestResolverThenUses() throws Exception {
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.relyingPartyRegistration().build();
    Saml2RedirectAuthenticationRequest authenticationRequest = redirectAuthenticationRequest(registration).build();
    Saml2WebSsoAuthenticationRequestFilter filter = new Saml2WebSsoAuthenticationRequestFilter(this.authenticationRequestResolver);
    given(this.authenticationRequestResolver.resolve(any())).willReturn(authenticationRequest);
    filter.doFilterInternal(this.request, this.response, this.filterChain);
    verify(this.authenticationRequestResolver).resolve(any());
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) Test(org.junit.jupiter.api.Test)

Example 98 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class Saml2WebSsoAuthenticationRequestFilterTests method doFilterWhenPostFormDataIsPresent.

@Test
public void doFilterWhenPostFormDataIsPresent() throws Exception {
    String relayStateValue = "https://my-relay-state.example.com?with=param&other=param&javascript{alert('1');}";
    String relayStateEncoded = HtmlUtils.htmlEscape(relayStateValue);
    RelyingPartyRegistration registration = this.rpBuilder.assertingPartyDetails((asserting) -> asserting.singleSignOnServiceBinding(Saml2MessageBinding.POST)).build();
    Saml2AuthenticationRequestContext context = authenticationRequestContext().relayState(relayStateValue).relyingPartyRegistration(registration).build();
    Saml2PostAuthenticationRequest request = postAuthenticationRequest(context).build();
    given(this.resolver.resolve(any())).willReturn(context);
    given(this.factory.createPostAuthenticationRequest(any())).willReturn(request);
    this.filter.doFilterInternal(this.request, this.response, this.filterChain);
    assertThat(this.response.getHeader("Location")).isNull();
    assertThat(this.response.getContentAsString()).contains("<form action=\"https://sso-url.example.com/IDP/SSO\" method=\"post\">").contains("<input type=\"hidden\" name=\"SAMLRequest\"").contains("value=\"" + relayStateEncoded + "\"");
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2AuthenticationRequestRepository(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) MockFilterChain(org.springframework.mock.web.MockFilterChain) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Saml2AuthenticationRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver) DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver) ServletException(jakarta.servlet.ServletException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) HtmlUtils(org.springframework.web.util.HtmlUtils) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver) BDDMockito.given(org.mockito.BDDMockito.given) AbstractSaml2AuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest) Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) Saml2AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory) ServletRequest(jakarta.servlet.ServletRequest) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) IOException(java.io.IOException) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) StandardCharsets(java.nio.charset.StandardCharsets) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) TestSaml2X509Credentials(org.springframework.security.saml2.credentials.TestSaml2X509Credentials) ServletResponse(jakarta.servlet.ServletResponse) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) UriUtils(org.springframework.web.util.UriUtils) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) TestSaml2AuthenticationRequestContexts(org.springframework.security.saml2.provider.service.authentication.TestSaml2AuthenticationRequestContexts) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Mockito.mock(org.mockito.Mockito.mock) Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) Test(org.junit.jupiter.api.Test)

Example 99 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class OpenSamlAuthenticationRequestFactory method createAuthenticationRequest.

@Override
@Deprecated
public String createAuthenticationRequest(Saml2AuthenticationRequest request) {
    Saml2MessageBinding binding = this.protocolBindingResolver.convert(null);
    RelyingPartyRegistration registration = RelyingPartyRegistration.withRegistrationId("noId").assertionConsumerServiceBinding(binding).assertionConsumerServiceLocation(request.getAssertionConsumerServiceUrl()).entityId(request.getIssuer()).remoteIdpEntityId("noIssuer").idpWebSsoUrl("noUrl").credentials((credentials) -> credentials.addAll(request.getCredentials())).build();
    Saml2AuthenticationRequestContext context = Saml2AuthenticationRequestContext.builder().relyingPartyRegistration(registration).issuer(request.getIssuer()).assertionConsumerServiceUrl(request.getAssertionConsumerServiceUrl()).build();
    AuthnRequest authnRequest = this.authenticationRequestContextConverter.convert(context);
    return OpenSamlSigningUtils.serialize(OpenSamlSigningUtils.sign(authnRequest, registration));
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Converter(org.springframework.core.convert.converter.Converter) OpenSamlInitializationService(org.springframework.security.saml2.core.OpenSamlInitializationService) DateTime(org.joda.time.DateTime) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) ConfigurationService(org.opensaml.core.config.ConfigurationService) UUID(java.util.UUID) Instant(java.time.Instant) StandardCharsets(java.nio.charset.StandardCharsets) XMLObjectProviderRegistry(org.opensaml.core.xml.config.XMLObjectProviderRegistry) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) IssuerBuilder(org.opensaml.saml.saml2.core.impl.IssuerBuilder) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) AuthnRequestBuilder(org.opensaml.saml.saml2.core.impl.AuthnRequestBuilder) Saml2ParameterNames(org.springframework.security.saml2.core.Saml2ParameterNames) Issuer(org.opensaml.saml.saml2.core.Issuer) Map(java.util.Map) Clock(java.time.Clock) SAMLConstants(org.opensaml.saml.common.xml.SAMLConstants) QueryParametersPartial(org.springframework.security.saml2.provider.service.authentication.OpenSamlSigningUtils.QueryParametersPartial) Assert(org.springframework.util.Assert) StringUtils(org.springframework.util.StringUtils) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)

Example 100 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class OpenSamlAuthenticationRequestFactory method createPostAuthenticationRequest.

@Override
public Saml2PostAuthenticationRequest createPostAuthenticationRequest(Saml2AuthenticationRequestContext context) {
    AuthnRequest authnRequest = this.authenticationRequestContextConverter.convert(context);
    RelyingPartyRegistration registration = context.getRelyingPartyRegistration();
    if (registration.getAssertingPartyDetails().getWantAuthnRequestsSigned()) {
        OpenSamlSigningUtils.sign(authnRequest, registration);
    }
    String xml = OpenSamlSigningUtils.serialize(authnRequest);
    return Saml2PostAuthenticationRequest.withAuthenticationRequestContext(context).samlRequest(Saml2Utils.samlEncode(xml.getBytes(StandardCharsets.UTF_8))).build();
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest)

Aggregations

RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)97 Test (org.junit.jupiter.api.Test)68 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)41 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)36 TestRelyingPartyRegistrations (org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)36 Saml2MessageBinding (org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)34 BDDMockito.given (org.mockito.BDDMockito.given)28 Saml2X509Credential (org.springframework.security.saml2.core.Saml2X509Credential)28 Authentication (org.springframework.security.core.Authentication)26 StandardCharsets (java.nio.charset.StandardCharsets)24 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)24 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)23 BeforeEach (org.junit.jupiter.api.BeforeEach)22 Mockito.mock (org.mockito.Mockito.mock)22 LogoutRequest (org.opensaml.saml.saml2.core.LogoutRequest)22 Saml2Exception (org.springframework.security.saml2.Saml2Exception)22 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)21 Mockito.verify (org.mockito.Mockito.verify)19 MockFilterChain (org.springframework.mock.web.MockFilterChain)19 Saml2Authentication (org.springframework.security.saml2.provider.service.authentication.Saml2Authentication)19
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial