
Example 21 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class RelyingPartyRegistrationsTests method collectionFromMetadataLocationWhenResolvableThenPopulatesBuilder.

/**
 * Serves the {@code entitiesDescriptor} fixture from a local mock server and checks
 * that {@code collectionFromMetadataLocation} yields one builder per asserting
 * party, each populated from the fetched metadata.
 *
 * The asserting party's verification and encryption certificates come from the
 * fetched document, so whatever is served at the metadata location decides which
 * keys the resulting registrations hold.
 */
@Test
public void collectionFromMetadataLocationWhenResolvableThenPopulatesBuilder() throws Exception {
    try (MockWebServer metadataServer = new MockWebServer()) {
        MockResponse metadataResponse = new MockResponse().setBody(this.entitiesDescriptor).setResponseCode(200);
        metadataServer.enqueue(metadataResponse);
        String metadataLocation = metadataServer.url("/").toString();

        // Every builder gets the same relying-party entity id; only the
        // asserting-party side is expected to differ between the two results.
        List<RelyingPartyRegistration> registrations = RelyingPartyRegistrations
                .collectionFromMetadataLocation(metadataLocation)
                .stream()
                .map((builder) -> builder.entityId("rp").build())
                .collect(Collectors.toList());
        assertThat(registrations).hasSize(2);

        // First asserting party in the descriptor.
        RelyingPartyRegistration.AssertingPartyDetails firstParty = registrations.get(0).getAssertingPartyDetails();
        assertThat(firstParty.getEntityId()).isEqualTo("https://idp.example.com/idp/shibboleth");
        assertThat(firstParty.getSingleSignOnServiceLocation())
                .isEqualTo("https://idp.example.com/idp/profile/SAML2/POST/SSO");
        assertThat(firstParty.getSingleSignOnServiceBinding()).isEqualTo(Saml2MessageBinding.POST);
        assertThat(firstParty.getVerificationX509Credentials()).hasSize(1);
        assertThat(firstParty.getEncryptionX509Credentials()).hasSize(1);

        // Second asserting party in the descriptor.
        RelyingPartyRegistration.AssertingPartyDetails secondParty = registrations.get(1).getAssertingPartyDetails();
        assertThat(secondParty.getEntityId()).isEqualTo("https://ap.example.org/idp/shibboleth");
        assertThat(secondParty.getSingleSignOnServiceLocation())
                .isEqualTo("https://ap.example.org/idp/profile/SAML2/POST/SSO");
        assertThat(secondParty.getSingleSignOnServiceBinding()).isEqualTo(Saml2MessageBinding.POST);
        assertThat(secondParty.getVerificationX509Credentials()).hasSize(1);
        assertThat(secondParty.getEncryptionX509Credentials()).hasSize(1);
    }
}
Also used : BeforeEach(org.junit.jupiter.api.BeforeEach) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) ClassPathResource(org.springframework.core.io.ClassPathResource) Saml2Exception(org.springframework.security.saml2.Saml2Exception) InputStreamReader(java.io.InputStreamReader) Collectors(java.util.stream.Collectors) File(java.io.File) Test(org.junit.jupiter.api.Test) List(java.util.List) ByteArrayInputStream(java.io.ByteArrayInputStream) MockWebServer(okhttp3.mockwebserver.MockWebServer) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) BufferedReader(java.io.BufferedReader) MockResponse(okhttp3.mockwebserver.MockResponse) InputStream(java.io.InputStream) MockResponse(okhttp3.mockwebserver.MockResponse) MockWebServer(okhttp3.mockwebserver.MockWebServer) Test(org.junit.jupiter.api.Test)

Example 22 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class Saml2LogoutConfigurerTests method saml2LogoutResponseWhenInvalidSamlResponseThen401.

/**
 * Posts a logout response whose payload has been re-encoded while the signature
 * parameters are left as they were, and expects a 401 whose reason names
 * {@code invalid_signature}, with no {@link LogoutHandler} invoked.
 */
@Test
public void saml2LogoutResponseWhenInvalidSamlResponseThen401() throws Exception {
    this.spring.register(Saml2LogoutDefaultsConfig.class).autowire();
    RelyingPartyRegistration registration = this.repository.findByRegistrationId("registration-id");

    // Save a logout request first so the response has a pending request to be matched against.
    Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration)
            .samlRequest(this.rpLogoutRequest)
            .id(this.rpLogoutRequestId)
            .relayState(this.rpLogoutRequestRelayState)
            .parameters((params) -> params.put("Signature", this.rpLogoutRequestSignature))
            .build();
    this.logoutRequestRepository.saveLogoutRequest(logoutRequest, this.request, this.response);

    // The fixture is decoded, inflated and encoded again, so the value posted below is
    // the inflated XML re-encoded, not the fixture's original form.
    // NOTE(review): presumably the Signature fixture was computed for the original
    // form, which would be why validation reports invalid_signature. Confirm against the fixtures.
    String inflatedXml = Saml2Utils.samlInflate(Saml2Utils.samlDecode(this.apLogoutResponse));
    String reencodedApLogoutResponse = Saml2Utils.samlEncode(inflatedXml.getBytes(StandardCharsets.UTF_8));

    MockHttpSession session = (MockHttpSession) this.request.getSession();
    this.mvc.perform(post("/logout/saml2/slo")
                    .session(session)
                    .param("SAMLResponse", reencodedApLogoutResponse)
                    .param("RelayState", this.rpLogoutRequestRelayState)
                    .param("SigAlg", this.apLogoutRequestSigAlg)
                    .param("Signature", this.apLogoutResponseSignature))
            .andExpect(status().reason(containsString("invalid_signature")))
            .andExpect(status().isUnauthorized());

    // A response that fails validation must not trigger any local logout handling.
    verifyNoInteractions(getBean(LogoutHandler.class));
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) BeforeEach(org.junit.jupiter.api.BeforeEach) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Autowired(org.springframework.beans.factory.annotation.Autowired) ObjectPostProcessor(org.springframework.security.config.annotation.ObjectPostProcessor) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) Saml2LogoutResponse(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2LogoutRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestResolver) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) LogoutRequest(org.opensaml.saml.saml2.core.LogoutRequest) Saml2LogoutRequestFilter(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestFilter) BDDMockito.verify(org.mockito.BDDMockito.verify) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) SecurityMockMvcRequestPostProcessors.authentication(org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication) BDDMockito.given(org.mockito.BDDMockito.given) ConfigurableApplicationContext(org.springframework.context.ConfigurableApplicationContext) Saml2LogoutRequestValidator(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequestValidator) SignatureConstants(org.opensaml.xmlsec.signature.support.SignatureConstants) BDDMockito.verifyNoInteractions(org.mockito.BDDMockito.verifyNoInteractions) 
MockMvcRequestBuilders.put(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.put) Saml2Authentication(org.springframework.security.saml2.provider.service.authentication.Saml2Authentication) Saml2LogoutResponseResolver(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseResolver) Collection(java.util.Collection) Mockito.atLeastOnce(org.mockito.Mockito.atLeastOnce) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockHttpSession(org.springframework.mock.web.MockHttpSession) MockMvcResultMatchers.redirectedUrl(org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl) Instant(java.time.Instant) StandardCharsets(java.nio.charset.StandardCharsets) Test(org.junit.jupiter.api.Test) Saml2LogoutValidatorResult(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutValidatorResult) LogoutSuccessHandler(org.springframework.security.web.authentication.logout.LogoutSuccessHandler) LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler) SecurityMockMvcRequestPostProcessors.csrf(org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf) Saml2LogoutResponseFilter(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter) Matchers.containsString(org.hamcrest.Matchers.containsString) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) HttpSessionLogoutRequestRepository(org.springframework.security.saml2.provider.service.web.authentication.logout.HttpSessionLogoutRequestRepository) DefaultSaml2AuthenticatedPrincipal(org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) 
InMemoryRelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository) Mockito.spy(org.mockito.Mockito.spy) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) TestOpenSamlObjects(org.springframework.security.saml2.provider.service.authentication.TestOpenSamlObjects) MockMvc(org.springframework.test.web.servlet.MockMvc) MockMvcRequestBuilders.delete(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.delete) Saml2LogoutResponseValidator(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidator) MockMvcResultMatchers.status(org.springframework.test.web.servlet.result.MockMvcResultMatchers.status) MockMvcRequestBuilders.post(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post) MvcResult(org.springframework.test.web.servlet.MvcResult) LogoutFilter(org.springframework.security.web.authentication.logout.LogoutFilter) Saml2Utils(org.springframework.security.saml2.core.Saml2Utils) Import(org.springframework.context.annotation.Import) TestSaml2X509Credentials(org.springframework.security.saml2.core.TestSaml2X509Credentials) Saml2LogoutRequestRepository(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestRepository) SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) Consumer(java.util.function.Consumer) AfterEach(org.junit.jupiter.api.AfterEach) EnableWebSecurity(org.springframework.security.config.annotation.web.configuration.EnableWebSecurity) SpringTestContext(org.springframework.security.config.test.SpringTestContext) MockMvcRequestBuilders.get(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get) SpringTestContextExtension(org.springframework.security.config.test.SpringTestContextExtension) Bean(org.springframework.context.annotation.Bean) BDDMockito.mock(org.mockito.BDDMockito.mock) 
Customizer.withDefaults(org.springframework.security.config.Customizer.withDefaults) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) Collections(java.util.Collections) AuthorityUtils(org.springframework.security.core.authority.AuthorityUtils) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) MockHttpSession(org.springframework.mock.web.MockHttpSession) Matchers.containsString(org.hamcrest.Matchers.containsString) LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler) Test(org.junit.jupiter.api.Test)

Example 23 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class Saml2LogoutConfigurerTests method saml2LogoutResponseWhenDefaultsThenRedirects.

/**
 * Sends a logout response over GET for the {@code "get"} registration and expects
 * a redirect to {@code /login?logout}, no {@link LogoutHandler} interaction, and
 * the saved logout request to be gone afterwards.
 */
@Test
public void saml2LogoutResponseWhenDefaultsThenRedirects() throws Exception {
    this.spring.register(Saml2LogoutDefaultsConfig.class).autowire();
    RelyingPartyRegistration registration = this.repository.findByRegistrationId("get");

    // Save the logout request that the response below answers.
    Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration)
            .samlRequest(this.rpLogoutRequest)
            .id(this.rpLogoutRequestId)
            .relayState(this.rpLogoutRequestRelayState)
            .parameters((params) -> params.put("Signature", this.rpLogoutRequestSignature))
            .build();
    this.logoutRequestRepository.saveLogoutRequest(logoutRequest, this.request, this.response);

    // Precondition: with the RelayState parameter set, the saved request can be loaded.
    this.request.setParameter("RelayState", logoutRequest.getRelayState());
    assertThat(this.logoutRequestRepository.loadLogoutRequest(this.request)).isNotNull();

    MockHttpSession session = (MockHttpSession) this.request.getSession();
    this.mvc.perform(get("/logout/saml2/slo")
                    .session(session)
                    .param("SAMLResponse", this.apLogoutResponse)
                    .param("RelayState", this.apLogoutResponseRelayState)
                    .param("SigAlg", this.apLogoutResponseSigAlg)
                    .param("Signature", this.apLogoutResponseSignature))
            .andExpect(status().isFound())
            .andExpect(redirectedUrl("/login?logout"));
    verifyNoInteractions(getBean(LogoutHandler.class));

    // The saved request is consumed by processing the response, so the same
    // pending request is no longer available for a second response.
    assertThat(this.logoutRequestRepository.loadLogoutRequest(this.request)).isNull();
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) BeforeEach(org.junit.jupiter.api.BeforeEach) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Autowired(org.springframework.beans.factory.annotation.Autowired) ObjectPostProcessor(org.springframework.security.config.annotation.ObjectPostProcessor) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) Saml2LogoutResponse(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2LogoutRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestResolver) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) LogoutRequest(org.opensaml.saml.saml2.core.LogoutRequest) Saml2LogoutRequestFilter(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestFilter) BDDMockito.verify(org.mockito.BDDMockito.verify) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) SecurityMockMvcRequestPostProcessors.authentication(org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication) BDDMockito.given(org.mockito.BDDMockito.given) ConfigurableApplicationContext(org.springframework.context.ConfigurableApplicationContext) Saml2LogoutRequestValidator(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequestValidator) SignatureConstants(org.opensaml.xmlsec.signature.support.SignatureConstants) BDDMockito.verifyNoInteractions(org.mockito.BDDMockito.verifyNoInteractions) 
MockMvcRequestBuilders.put(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.put) Saml2Authentication(org.springframework.security.saml2.provider.service.authentication.Saml2Authentication) Saml2LogoutResponseResolver(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseResolver) Collection(java.util.Collection) Mockito.atLeastOnce(org.mockito.Mockito.atLeastOnce) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockHttpSession(org.springframework.mock.web.MockHttpSession) MockMvcResultMatchers.redirectedUrl(org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl) Instant(java.time.Instant) StandardCharsets(java.nio.charset.StandardCharsets) Test(org.junit.jupiter.api.Test) Saml2LogoutValidatorResult(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutValidatorResult) LogoutSuccessHandler(org.springframework.security.web.authentication.logout.LogoutSuccessHandler) LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler) SecurityMockMvcRequestPostProcessors.csrf(org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf) Saml2LogoutResponseFilter(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter) Matchers.containsString(org.hamcrest.Matchers.containsString) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) HttpSessionLogoutRequestRepository(org.springframework.security.saml2.provider.service.web.authentication.logout.HttpSessionLogoutRequestRepository) DefaultSaml2AuthenticatedPrincipal(org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) 
InMemoryRelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository) Mockito.spy(org.mockito.Mockito.spy) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) TestOpenSamlObjects(org.springframework.security.saml2.provider.service.authentication.TestOpenSamlObjects) MockMvc(org.springframework.test.web.servlet.MockMvc) MockMvcRequestBuilders.delete(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.delete) Saml2LogoutResponseValidator(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidator) MockMvcResultMatchers.status(org.springframework.test.web.servlet.result.MockMvcResultMatchers.status) MockMvcRequestBuilders.post(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post) MvcResult(org.springframework.test.web.servlet.MvcResult) LogoutFilter(org.springframework.security.web.authentication.logout.LogoutFilter) Saml2Utils(org.springframework.security.saml2.core.Saml2Utils) Import(org.springframework.context.annotation.Import) TestSaml2X509Credentials(org.springframework.security.saml2.core.TestSaml2X509Credentials) Saml2LogoutRequestRepository(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestRepository) SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) Consumer(java.util.function.Consumer) AfterEach(org.junit.jupiter.api.AfterEach) EnableWebSecurity(org.springframework.security.config.annotation.web.configuration.EnableWebSecurity) SpringTestContext(org.springframework.security.config.test.SpringTestContext) MockMvcRequestBuilders.get(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get) SpringTestContextExtension(org.springframework.security.config.test.SpringTestContextExtension) Bean(org.springframework.context.annotation.Bean) BDDMockito.mock(org.mockito.BDDMockito.mock) 
Customizer.withDefaults(org.springframework.security.config.Customizer.withDefaults) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) Collections(java.util.Collections) AuthorityUtils(org.springframework.security.core.authority.AuthorityUtils) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler) Test(org.junit.jupiter.api.Test)

Example 24 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class Saml2LogoutResponseFilter method doFilterInternal.

/**
 * {@inheritDoc}
 *
 * Handles a SAML 2.0 logout response: requests that do not match the logout
 * matcher or carry no {@code SAMLResponse} parameter are passed down the chain
 * untouched. Otherwise the saved logout request is taken out of the repository,
 * the relying party registration is resolved, the endpoint configuration and
 * binding are checked, and the response is handed to the validator. Only a
 * response with no validation errors reaches the logout success handler.
 *
 * The saved logout request is removed before any of the later checks run, so a
 * response that is rejected further down still consumes it.
 */
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
    // Not a logout response for this filter: let the rest of the chain handle it.
    if (!this.logoutRequestMatcher.matches(request)
            || request.getParameter(Saml2ParameterNames.SAML_RESPONSE) == null) {
        chain.doFilter(request, response);
        return;
    }

    // A response is only accepted when a logout request was saved earlier.
    Saml2LogoutRequest pendingRequest = this.logoutRequestRepository.removeLogoutRequest(request, response);
    if (pendingRequest == null) {
        this.logger.trace("Did not process logout response since could not find associated LogoutRequest");
        response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Failed to find associated LogoutRequest");
        return;
    }

    // The registration id comes from the saved request, not from the incoming response.
    RelyingPartyRegistration registration = this.relyingPartyRegistrationResolver.resolve(request,
            pendingRequest.getRelyingPartyRegistrationId());
    if (registration == null) {
        // NOTE(review): this trace message and the binding one below say "logout request"
        // although this filter handles logout responses.
        this.logger.trace("Did not process logout request since failed to find associated RelyingPartyRegistration");
        Saml2Error error = new Saml2Error(Saml2ErrorCodes.RELYING_PARTY_REGISTRATION_NOT_FOUND,
                "Failed to find associated RelyingPartyRegistration");
        response.sendError(HttpServletResponse.SC_BAD_REQUEST, error.toString());
        return;
    }
    if (registration.getSingleLogoutServiceResponseLocation() == null) {
        this.logger.trace("Did not process logout response since RelyingPartyRegistration has not been configured with a logout response endpoint");
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        return;
    }
    if (!isCorrectBinding(request, registration)) {
        this.logger.trace("Did not process logout request since used incorrect binding");
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        return;
    }

    // Binding and location are taken from the registration; the payload, relay state
    // and signature parameters are taken from the incoming request as-is.
    String samlResponse = request.getParameter(Saml2ParameterNames.SAML_RESPONSE);
    Saml2LogoutResponse logoutResponse = Saml2LogoutResponse.withRelyingPartyRegistration(registration)
            .samlResponse(samlResponse)
            .relayState(request.getParameter(Saml2ParameterNames.RELAY_STATE))
            .binding(registration.getSingleLogoutServiceBinding())
            .location(registration.getSingleLogoutServiceResponseLocation())
            .parameters((params) -> params.put(Saml2ParameterNames.SIG_ALG,
                    request.getParameter(Saml2ParameterNames.SIG_ALG)))
            .parameters((params) -> params.put(Saml2ParameterNames.SIGNATURE,
                    request.getParameter(Saml2ParameterNames.SIGNATURE)))
            .build();

    Saml2LogoutResponseValidatorParameters validatorParameters = new Saml2LogoutResponseValidatorParameters(
            logoutResponse, pendingRequest, registration);
    Saml2LogoutValidatorResult validation = this.logoutResponseValidator.validate(validatorParameters);
    if (validation.hasErrors()) {
        // The first validation error's text becomes the HTTP error reason sent to the caller;
        // the full error collection goes to the debug log only.
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
                validation.getErrors().iterator().next().toString());
        this.logger.debug(LogMessage.format("Failed to validate LogoutResponse: %s", validation.getErrors()));
        return;
    }

    // No Authentication is passed to the success handler (third argument is null).
    this.logoutSuccessHandler.onLogoutSuccess(request, response, null);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2Error(org.springframework.security.saml2.core.Saml2Error) Saml2ErrorCodes(org.springframework.security.saml2.core.Saml2ErrorCodes) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) FilterChain(jakarta.servlet.FilterChain) Saml2Error(org.springframework.security.saml2.core.Saml2Error) OncePerRequestFilter(org.springframework.web.filter.OncePerRequestFilter) IOException(java.io.IOException) ServletException(jakarta.servlet.ServletException) Saml2LogoutResponse(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) Saml2LogoutResponseValidatorParameters(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidatorParameters) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) LogMessage(org.springframework.core.log.LogMessage) Saml2LogoutValidatorResult(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutValidatorResult) Saml2ParameterNames(org.springframework.security.saml2.core.Saml2ParameterNames) Saml2LogoutResponseValidator(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidator) LogoutSuccessHandler(org.springframework.security.web.authentication.logout.LogoutSuccessHandler) Log(org.apache.commons.logging.Log) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) LogFactory(org.apache.commons.logging.LogFactory) 
Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Assert(org.springframework.util.Assert) Saml2LogoutValidatorResult(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutValidatorResult) Saml2LogoutResponseValidatorParameters(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidatorParameters) Saml2LogoutRequest(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest) Saml2LogoutResponse(org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse)

Example 25 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class OpenSamlAuthenticationRequestFactoryTests method createPostAuthenticationRequestWhenSignRequestThenCredentialIsRequired.

/**
 * Builds a registration from {@code TestRelyingPartyRegistrations.noCredentials()}
 * with only an asserting-party verification credential added, and expects
 * creating a POST authentication request to fail with {@link Saml2Exception}.
 */
@Test
public void createPostAuthenticationRequestWhenSignRequestThenCredentialIsRequired() {
    // Fully qualified because the file also imports a TestSaml2X509Credentials from another package.
    Saml2X509Credential verifyingCredential = org.springframework.security.saml2.core.TestSaml2X509Credentials
            .relyingPartyVerifyingCredential();

    // Only a verification credential is added on the asserting-party side.
    // NOTE(review): presumably noCredentials() leaves the relying party without a signing
    // credential, which is what makes the request creation fail. Confirm against the fixture.
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.noCredentials()
            .assertingPartyDetails((assertingParty) -> assertingParty
                    .verificationX509Credentials((credentials) -> credentials.add(verifyingCredential)))
            .build();

    this.context = this.contextBuilder
            .relayState("Relay State Value")
            .relyingPartyRegistration(registration)
            .build();

    assertThatExceptionOfType(Saml2Exception.class)
            .isThrownBy(() -> this.factory.createPostAuthenticationRequest(this.context));
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) BeforeEach(org.junit.jupiter.api.BeforeEach) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) AuthnRequestUnmarshaller(org.opensaml.saml.saml2.core.impl.AuthnRequestUnmarshaller) ByteArrayInputStream(java.io.ByteArrayInputStream) BDDMockito.given(org.mockito.BDDMockito.given) Document(org.w3c.dom.Document) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) SignatureConstants(org.opensaml.xmlsec.signature.support.SignatureConstants) SAMLConstants(org.opensaml.saml.common.xml.SAMLConstants) Converter(org.springframework.core.convert.converter.Converter) DateTime(org.joda.time.DateTime) Saml2Exception(org.springframework.security.saml2.Saml2Exception) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) StandardCharsets(java.nio.charset.StandardCharsets) XMLObjectProviderRegistrySupport(org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) Element(org.w3c.dom.Element) TestSaml2X509Credentials(org.springframework.security.saml2.credentials.TestSaml2X509Credentials) Assertions(org.junit.jupiter.api.Assertions) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) Mockito.mock(org.mockito.Mockito.mock) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) 
Saml2Exception(org.springframework.security.saml2.Saml2Exception) Test(org.junit.jupiter.api.Test)

Aggregations

RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)92 Test (org.junit.jupiter.api.Test)64 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)41 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)36 TestRelyingPartyRegistrations (org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)36 Saml2MessageBinding (org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)34 BDDMockito.given (org.mockito.BDDMockito.given)28 Saml2X509Credential (org.springframework.security.saml2.core.Saml2X509Credential)27 Authentication (org.springframework.security.core.Authentication)26 StandardCharsets (java.nio.charset.StandardCharsets)24 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)24 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)23 BeforeEach (org.junit.jupiter.api.BeforeEach)22 Mockito.mock (org.mockito.Mockito.mock)22 LogoutRequest (org.opensaml.saml.saml2.core.LogoutRequest)22 Saml2Exception (org.springframework.security.saml2.Saml2Exception)22 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)21 Mockito.verify (org.mockito.Mockito.verify)19 MockFilterChain (org.springframework.mock.web.MockFilterChain)19 Saml2Authentication (org.springframework.security.saml2.provider.service.authentication.Saml2Authentication)19