Example 6 with RelyingPartyRegistrationResolver

Use of org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver in project midpoint by Evolveum.

The class MidpointSaml2LoginConfigurer, method configure.

public void configure(B http) throws Exception {
    Saml2AuthenticationRequestFactory authenticationRequestResolver = new OpenSaml4AuthenticationRequestFactory();
    Saml2AuthenticationRequestContextResolver contextResolver = new DefaultSaml2AuthenticationRequestContextResolver((RelyingPartyRegistrationResolver) new DefaultRelyingPartyRegistrationResolver(MidpointSaml2LoginConfigurer.this.relyingPartyRegistrationRepository));
    http.addFilter(new MidpointSaml2WebSsoAuthenticationRequestFilter(contextResolver, authenticationRequestResolver));
    super.configure(http);
    if (this.authenticationManager != null) {
        this.saml2WebSsoAuthenticationFilter.setAuthenticationManager(this.authenticationManager);
    }
}
Also used : OpenSaml4AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationRequestFactory) Saml2AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory)

Example 7 with RelyingPartyRegistrationResolver

Use of org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver in project midpoint by Evolveum.

The class SamlModuleWebSecurityConfigurer, method getLogoutRequestSuccessHandler.

@Override
protected LogoutSuccessHandler getLogoutRequestSuccessHandler() {
    RelyingPartyRegistrationResolver registrationResolver = new DefaultRelyingPartyRegistrationResolver(relyingPartyRegistrations());
    Saml2LogoutRequestResolver logoutRequestResolver = new MidpointSaml2LogoutRequestResolver(new OpenSaml4LogoutRequestResolver(registrationResolver));
    Saml2RelyingPartyInitiatedLogoutSuccessHandler handler = new Saml2RelyingPartyInitiatedLogoutSuccessHandler(logoutRequestResolver);
    return getObjectPostProcessor().postProcess(new MidpointSaml2LogoutRequestSuccessHandler(handler));
}
Also used : MidpointSaml2LogoutRequestResolver(com.evolveum.midpoint.authentication.impl.saml.MidpointSaml2LogoutRequestResolver) Saml2LogoutRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestResolver) MidpointMetadataRelyingPartyRegistrationResolver(com.evolveum.midpoint.authentication.impl.saml.MidpointMetadataRelyingPartyRegistrationResolver) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) OpenSaml4LogoutRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutRequestResolver) MidpointSaml2LogoutRequestSuccessHandler(com.evolveum.midpoint.authentication.impl.saml.MidpointSaml2LogoutRequestSuccessHandler) Saml2RelyingPartyInitiatedLogoutSuccessHandler(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2RelyingPartyInitiatedLogoutSuccessHandler)

Example 8 with RelyingPartyRegistrationResolver

Use of org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver in project spring-security by spring-projects.

The class Saml2LogoutConfigurer, method createLogoutResponseProcessingFilter.

private Saml2LogoutResponseFilter createLogoutResponseProcessingFilter(RelyingPartyRegistrationResolver registrations) {
    Saml2LogoutResponseFilter logoutResponseFilter = new Saml2LogoutResponseFilter(registrations, this.logoutResponseConfigurer.logoutResponseValidator(), this.logoutSuccessHandler);
    logoutResponseFilter.setLogoutRequestMatcher(createLogoutResponseMatcher());
    logoutResponseFilter.setLogoutRequestRepository(this.logoutRequestConfigurer.logoutRequestRepository);
    return postProcess(logoutResponseFilter);
}
Also used : Saml2LogoutResponseFilter(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter)

Example 9 with RelyingPartyRegistrationResolver

Use of org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver in project spring-security by spring-projects.

The class Saml2LogoutConfigurer, method createRelyingPartyLogoutFilter.

private LogoutFilter createRelyingPartyLogoutFilter(RelyingPartyRegistrationResolver registrations) {
    LogoutHandler[] logoutHandlers = this.logoutHandlers.toArray(new LogoutHandler[0]);
    Saml2RelyingPartyInitiatedLogoutSuccessHandler logoutRequestSuccessHandler = createSaml2LogoutRequestSuccessHandler(registrations);
    LogoutFilter logoutFilter = new LogoutFilter(logoutRequestSuccessHandler, logoutHandlers);
    logoutFilter.setLogoutRequestMatcher(createLogoutMatcher());
    return postProcess(logoutFilter);
}
Also used : CsrfLogoutHandler(org.springframework.security.web.csrf.CsrfLogoutHandler) LogoutSuccessEventPublishingLogoutHandler(org.springframework.security.web.authentication.logout.LogoutSuccessEventPublishingLogoutHandler) SecurityContextLogoutHandler(org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler) LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler) LogoutFilter(org.springframework.security.web.authentication.logout.LogoutFilter) Saml2RelyingPartyInitiatedLogoutSuccessHandler(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2RelyingPartyInitiatedLogoutSuccessHandler)

Example 10 with RelyingPartyRegistrationResolver

Use of org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver in project spring-security by spring-projects.

The class Saml2WebSsoAuthenticationFilterTests, method doFilterWhenPathStartsWithRegistrationIdThenAuthenticates.

@Test
public void doFilterWhenPathStartsWithRegistrationIdThenAuthenticates() throws Exception {
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().build();
    Authentication authentication = new TestingAuthenticationToken("user", "password");
    // Stub the repository lookup and the authentication manager.
    given(this.repository.findByRegistrationId("registration-id")).willReturn(registration);
    given(this.authenticationManager.authenticate(authentication)).willReturn(authentication);
    // Non-default processing URL: the registration id is the first path segment.
    String loginProcessingUrl = "/{registrationId}/login/saml2/sso";
    RequestMatcher matcher = new AntPathRequestMatcher(loginProcessingUrl);
    DefaultRelyingPartyRegistrationResolver delegate = new DefaultRelyingPartyRegistrationResolver(this.repository);
    // Custom resolver: ignore the id argument, take the registration id from the
    // request path via the matcher, then delegate to the default resolver.
    RelyingPartyRegistrationResolver resolver = (request, id) -> {
        String registrationId = matcher.matcher(request).getVariables().get("registrationId");
        return delegate.resolve(request, registrationId);
    };
    Saml2AuthenticationTokenConverter authenticationConverter = new Saml2AuthenticationTokenConverter(resolver);
    this.filter = new Saml2WebSsoAuthenticationFilter(authenticationConverter, loginProcessingUrl);
    this.filter.setAuthenticationManager(this.authenticationManager);
    this.request.setPathInfo("/registration-id/login/saml2/sso");
    this.request.setParameter(Saml2ParameterNames.SAML_RESPONSE, "response");
    this.filter.doFilter(this.request, this.response, new MockFilterChain());
    // The registration must have been looked up by the id taken from the path.
    verify(this.repository).findByRegistrationId("registration-id");
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2AuthenticationRequestRepository(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository) WebAuthenticationDetails(org.springframework.security.web.authentication.WebAuthenticationDetails) BeforeEach(org.junit.jupiter.api.BeforeEach) MockFilterChain(org.springframework.mock.web.MockFilterChain) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) Assertions.assertThatNoException(org.assertj.core.api.Assertions.assertThatNoException) BDDMockito.given(org.mockito.BDDMockito.given) AbstractSaml2AuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest) AuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) Saml2AuthenticationToken(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) TestSaml2AuthenticationTokens(org.springframework.security.saml2.provider.service.authentication.TestSaml2AuthenticationTokens) Saml2AuthenticationTokenConverter(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) Saml2ParameterNames(org.springframework.security.saml2.core.Saml2ParameterNames) Assertions(org.junit.jupiter.api.Assertions) AuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) Saml2AuthenticationException(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) Authentication(org.springframework.security.core.Authentication) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Mockito.mock(org.mockito.Mockito.mock)

Aggregations

DefaultRelyingPartyRegistrationResolver (org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver): 5
RelyingPartyRegistrationResolver (org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver): 5
MockFilterChain (org.springframework.mock.web.MockFilterChain): 4
BeforeEach (org.junit.jupiter.api.BeforeEach): 3
Test (org.junit.jupiter.api.Test): 3
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 3
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse): 3
RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration): 3
RelyingPartyRegistrationRepository (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository): 3
HttpServletResponse (jakarta.servlet.http.HttpServletResponse): 2
Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException): 2
BDDMockito.given (org.mockito.BDDMockito.given): 2
Mockito.mock (org.mockito.Mockito.mock): 2
Mockito.verify (org.mockito.Mockito.verify): 2
Mockito.verifyNoInteractions (org.mockito.Mockito.verifyNoInteractions): 2
AbstractSaml2AuthenticationRequest (org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest): 2
Saml2AuthenticationRequestFactory (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory): 2
TestRelyingPartyRegistrations (org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations): 2
DefaultSaml2AuthenticationRequestContextResolver (org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver): 2
Saml2AuthenticationRequestContextResolver (org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver): 2