Examples with RelyingPartyRegistration org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration used on opensource projects

Example 31 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class LogoutRequestEncryptedIdUtils method decrypter.

private static Decrypter decrypter(RelyingPartyRegistration registration) {
    Collection<Credential> credentials = new ArrayList<>();
    for (Saml2X509Credential key : registration.getDecryptionX509Credentials()) {
        Credential cred = CredentialSupport.getSimpleCredential(key.getCertificate(), key.getPrivateKey());
        credentials.add(cred);
    }
    KeyInfoCredentialResolver resolver = new CollectionKeyInfoCredentialResolver(credentials);
    Decrypter decrypter = new Decrypter(null, resolver, encryptedKeyResolver);
    decrypter.setRootInNewDocument(true);
    return decrypter;
}

Example 32 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class OpenSamlSigningUtils method resolveSigningCredentials.

private static List<Credential> resolveSigningCredentials(RelyingPartyRegistration relyingPartyRegistration) {
    List<Credential> credentials = new ArrayList<>();
    for (Saml2X509Credential x509Credential : relyingPartyRegistration.getSigningX509Credentials()) {
        X509Certificate certificate = x509Credential.getCertificate();
        PrivateKey privateKey = x509Credential.getPrivateKey();
        BasicCredential credential = CredentialSupport.getSimpleCredential(certificate, privateKey);
        credential.setEntityId(relyingPartyRegistration.getEntityId());
        credential.setUsageType(UsageType.SIGNING);
        credentials.add(credential);
    }
    return credentials;
}

Example 33 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class DefaultSaml2AuthenticationRequestContextResolver method resolve.

@Override
public Saml2AuthenticationRequestContext resolve(HttpServletRequest request) {
    Assert.notNull(request, "request cannot be null");
    RelyingPartyRegistration relyingParty = this.relyingPartyRegistrationResolver.convert(request);
    if (relyingParty == null) {
        return null;
    }
    if (this.logger.isDebugEnabled()) {
        this.logger.debug("Creating SAML 2.0 Authentication Request for Asserting Party [" + relyingParty.getRegistrationId() + "]");
    }
    return createRedirectAuthenticationRequestContext(request, relyingParty);
}

Example 34 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class OpenSamlAuthenticationRequestResolverTests method resolveAuthenticationRequestWhenSignedThenCredentialIsRequired.

@Test
public void resolveAuthenticationRequestWhenSignedThenCredentialIsRequired() {
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setPathInfo("/saml2/authenticate/registration-id");
    Saml2X509Credential credential = TestSaml2X509Credentials.relyingPartyVerifyingCredential();
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.noCredentials().assertingPartyDetails((party) -> party.verificationX509Credentials((c) -> c.add(credential))).build();
    OpenSamlAuthenticationRequestResolver resolver = authenticationRequestResolver(registration);
    assertThatExceptionOfType(Saml2Exception.class).isThrownBy(() -> resolver.resolve(request, null));
}

Example 35 with RelyingPartyRegistration

use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration in project spring-security by spring-projects.

the class OpenSamlAuthenticationRequestResolverTests method resolveAuthenticationRequestWhenSHA1SignRequestThenSigns.

@Test
public void resolveAuthenticationRequestWhenSHA1SignRequestThenSigns() {
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setPathInfo("/saml2/authenticate/registration-id");
    RelyingPartyRegistration registration = this.relyingPartyRegistrationBuilder.assertingPartyDetails((party) -> party.signingAlgorithms((algs) -> algs.add(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1))).build();
    OpenSamlAuthenticationRequestResolver resolver = authenticationRequestResolver(registration);
    Saml2RedirectAuthenticationRequest result = resolver.resolve(request, null);
    assertThat(result.getSamlRequest()).isNotEmpty();
    assertThat(result.getRelayState()).isNotNull();
    assertThat(result.getSigAlg()).isEqualTo(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
    assertThat(result.getSignature()).isNotNull();
    assertThat(result.getBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
}