Example 1 with Saml2AuthenticationRequestContextResolver
use of org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver in project spring-security by spring-projects.
the class Saml2LoginConfigurer method getAuthenticationRequestContextResolver.
private Saml2AuthenticationRequestContextResolver getAuthenticationRequestContextResolver(B http) {
Saml2AuthenticationRequestContextResolver resolver = getBeanOrNull(http, Saml2AuthenticationRequestContextResolver.class);
if (resolver != null) {
return resolver;
}
RelyingPartyRegistrationResolver registrationResolver = new DefaultRelyingPartyRegistrationResolver(this.relyingPartyRegistrationRepository);
return new DefaultSaml2AuthenticationRequestContextResolver(registrationResolver);
}
Also used :
DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver)
DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver)
RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver)
DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver)
DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver)
Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver)
Example 2 with Saml2AuthenticationRequestContextResolver
use of org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver in project spring-security by spring-projects.
the class Saml2LoginConfigurerTests method saml2LoginWhenCustomAuthenticationRequestContextResolverThenUses.
@Test
public void saml2LoginWhenCustomAuthenticationRequestContextResolverThenUses() throws Exception {
this.spring.register(CustomAuthenticationRequestContextResolver.class).autowire();
Saml2AuthenticationRequestContext context = TestSaml2AuthenticationRequestContexts.authenticationRequestContext().build();
Saml2AuthenticationRequestContextResolver resolver = this.spring.getContext().getBean(Saml2AuthenticationRequestContextResolver.class);
given(resolver.resolve(any(HttpServletRequest.class))).willReturn(context);
this.mvc.perform(get("/saml2/authenticate/registration-id")).andExpect(status().isFound());
verify(resolver).resolve(any(HttpServletRequest.class));
}
Also used :
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HttpServletRequest(jakarta.servlet.http.HttpServletRequest)
Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext)
Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver)
Test(org.junit.jupiter.api.Test)
Example 3 with Saml2AuthenticationRequestContextResolver
use of org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver in project spring-security by spring-projects.
the class Saml2WebSsoAuthenticationRequestFilterTests method doFilterWhenPathStartsWithRegistrationIdThenPosts.
@Test
public void doFilterWhenPathStartsWithRegistrationIdThenPosts() throws Exception {
RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().assertingPartyDetails((party) -> party.singleSignOnServiceBinding(Saml2MessageBinding.POST)).build();
RequestMatcher matcher = new AntPathRequestMatcher("/{registrationId}/saml2/authenticate");
DefaultRelyingPartyRegistrationResolver delegate = new DefaultRelyingPartyRegistrationResolver(this.repository);
RelyingPartyRegistrationResolver resolver = (request, id) -> {
String registrationId = matcher.matcher(request).getVariables().get("registrationId");
return delegate.resolve(request, registrationId);
};
Saml2AuthenticationRequestContextResolver authenticationRequestContextResolver = new DefaultSaml2AuthenticationRequestContextResolver(resolver);
Saml2PostAuthenticationRequest authenticationRequest = mock(Saml2PostAuthenticationRequest.class);
given(authenticationRequest.getAuthenticationRequestUri()).willReturn("uri");
given(authenticationRequest.getRelayState()).willReturn("relay");
given(authenticationRequest.getSamlRequest()).willReturn("saml");
given(this.repository.findByRegistrationId("registration-id")).willReturn(registration);
given(this.factory.createPostAuthenticationRequest(any())).willReturn(authenticationRequest);
this.filter = new Saml2WebSsoAuthenticationRequestFilter(authenticationRequestContextResolver, this.factory);
this.filter.setRedirectMatcher(matcher);
this.request.setPathInfo("/registration-id/saml2/authenticate");
this.filter.doFilter(this.request, this.response, new MockFilterChain());
verify(this.repository).findByRegistrationId("registration-id");
}
Also used :
RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)
Saml2AuthenticationRequestRepository(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
BeforeEach(org.junit.jupiter.api.BeforeEach)
MockFilterChain(org.springframework.mock.web.MockFilterChain)
ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq)
RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
Saml2AuthenticationRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver)
DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver)
ServletException(jakarta.servlet.ServletException)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)
HtmlUtils(org.springframework.web.util.HtmlUtils)
Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)
Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions)
Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver)
BDDMockito.given(org.mockito.BDDMockito.given)
AbstractSaml2AuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest)
Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext)
Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest)
Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest)
DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver)
Saml2AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory)
ServletRequest(jakarta.servlet.ServletRequest)
RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver)
IOException(java.io.IOException)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher)
StandardCharsets(java.nio.charset.StandardCharsets)
Mockito.verify(org.mockito.Mockito.verify)
Test(org.junit.jupiter.api.Test)
TestSaml2X509Credentials(org.springframework.security.saml2.credentials.TestSaml2X509Credentials)
ServletResponse(jakarta.servlet.ServletResponse)
Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException)
UriUtils(org.springframework.web.util.UriUtils)
HttpServletResponse(jakarta.servlet.http.HttpServletResponse)
TestSaml2AuthenticationRequestContexts(org.springframework.security.saml2.provider.service.authentication.TestSaml2AuthenticationRequestContexts)
TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)
AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher)
Mockito.mock(org.mockito.Mockito.mock)
RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher)
AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher)
DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver)
Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest)
AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher)
DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver)
DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver)
RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver)
MockFilterChain(org.springframework.mock.web.MockFilterChain)
DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver)
Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver)
Test(org.junit.jupiter.api.Test)
Example 4 with Saml2AuthenticationRequestContextResolver
use of org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver in project midpoint by Evolveum.
the class MidpointSaml2LoginConfigurer method configure.
public void configure(B http) throws Exception {
Saml2AuthenticationRequestFactory authenticationRequestResolver = new OpenSaml4AuthenticationRequestFactory();
Saml2AuthenticationRequestContextResolver contextResolver = new DefaultSaml2AuthenticationRequestContextResolver((RelyingPartyRegistrationResolver) new DefaultRelyingPartyRegistrationResolver(MidpointSaml2LoginConfigurer.this.relyingPartyRegistrationRepository));
http.addFilter(new MidpointSaml2WebSsoAuthenticationRequestFilter(contextResolver, authenticationRequestResolver));
super.configure(http);
if (this.authenticationManager != null) {
this.saml2WebSsoAuthenticationFilter.setAuthenticationManager(this.authenticationManager);
}
}
Also used :
OpenSaml4AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationRequestFactory)
Saml2AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory)
Aggregations
Saml2AuthenticationRequestContextResolver (org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver)3
Test (org.junit.jupiter.api.Test)2
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)2
Saml2AuthenticationRequestContext (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext)2
Saml2AuthenticationRequestFactory (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory)2
DefaultRelyingPartyRegistrationResolver (org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver)2
DefaultSaml2AuthenticationRequestContextResolver (org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver)2
RelyingPartyRegistrationResolver (org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver)2
ServletException (jakarta.servlet.ServletException)1
ServletRequest (jakarta.servlet.ServletRequest)1
ServletResponse (jakarta.servlet.ServletResponse)1
HttpServletRequest (jakarta.servlet.http.HttpServletRequest)1
HttpServletResponse (jakarta.servlet.http.HttpServletResponse)1
IOException (java.io.IOException)1
StandardCharsets (java.nio.charset.StandardCharsets)1
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)1
Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException)1
BeforeEach (org.junit.jupiter.api.BeforeEach)1
ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)1
ArgumentMatchers.eq (org.mockito.ArgumentMatchers.eq)1
