use of org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter in project spring-security by spring-projects.
the class Saml2LoginConfigurerTests method authenticateWhenCustomLoginProcessingUrlAndSaml2AuthenticationTokenConverterBeanThenAuthenticate.
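/**
 * Checks that the {@link Saml2AuthenticationTokenConverter} bean from the application
 * context is consulted when a SAML response is posted to the custom login processing
 * URL, and that the request ends in a redirect to {@code "/"}.
 *
 * <p>The converter bean is stubbed with {@code given(...)}, so this test exercises how
 * the converter is wired into the login flow rather than the converter's own decoding.
 * @throws Exception if performing the mock request fails
 */
@Test
public void authenticateWhenCustomLoginProcessingUrlAndSaml2AuthenticationTokenConverterBeanThenAuthenticate() throws Exception {
    this.spring.register(CustomLoginProcessingUrlSaml2AuthenticationTokenConverterBean.class).autowire();
    Saml2AuthenticationTokenConverter authenticationConverter = this.spring.getContext()
            .getBean(Saml2AuthenticationTokenConverter.class);
    // Start from the noCredentials() fixture and add a single asserting-party
    // verification credential. Presumably this is what the downstream authentication
    // step uses to check the signature on SIGNED_RESPONSE; that step is not visible here.
    RelyingPartyRegistration relyingPartyRegistration = TestRelyingPartyRegistrations.noCredentials()
            .assertingPartyDetails((party) -> party.verificationX509Credentials(
                    (c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())))
            .build();
    // Decode with an explicit charset so the XML placed in the token does not depend
    // on the platform default encoding of the machine running the test.
    String response = new String(Saml2Utils.samlDecode(SIGNED_RESPONSE),
            java.nio.charset.StandardCharsets.UTF_8);
    given(authenticationConverter.convert(any(HttpServletRequest.class)))
            .willReturn(new Saml2AuthenticationToken(relyingPartyRegistration, response));
    // @formatter:off
    MockHttpServletRequestBuilder request = post("/my/custom/url").param("SAMLResponse", SIGNED_RESPONSE);
    // @formatter:on
    this.mvc.perform(request).andExpect(redirectedUrl("/"));
    // The custom converter, not a default one, must have produced the token.
    verify(authenticationConverter).convert(any(HttpServletRequest.class));
}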
use of org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter in project spring-security by spring-projects.
the class Saml2WebSsoAuthenticationFilterTests method setAuthenticationRequestRepositoryWhenExpectedAuthenticationConverterTypeThenSetLoaderIntoConverter.
/**
 * Checks that setting an authentication request repository on the filter forwards
 * that same repository to a {@link Saml2AuthenticationTokenConverter} supplied at
 * construction time.
 */
@Test
public void setAuthenticationRequestRepositoryWhenExpectedAuthenticationConverterTypeThenSetLoaderIntoConverter() {
    Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> requestRepository = mock(
            Saml2AuthenticationRequestRepository.class);
    Saml2AuthenticationTokenConverter tokenConverter = mock(Saml2AuthenticationTokenConverter.class);
    this.filter = new Saml2WebSsoAuthenticationFilter(tokenConverter, "/some/other/path/{registrationId}");

    this.filter.setAuthenticationRequestRepository(requestRepository);

    // The filter must hand the repository on to the converter it was built with.
    verify(tokenConverter).setAuthenticationRequestRepository(requestRepository);
}
use of org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter in project spring-security by spring-projects.
the class Saml2AuthenticationTokenConverterTests method convertWhenGetRequestInvalidDeflatedThenSaml2AuthenticationException.
/**
 * Checks that a GET request whose {@code SAMLResponse} parameter is valid SAML
 * encoding of bytes that cannot be inflated is rejected with a
 * {@link Saml2AuthenticationException}: cause {@link IOException}, error code
 * {@link Saml2ErrorCodes#INVALID_RESPONSE}, description "Unable to inflate string".
 */
@Test
public void convertWhenGetRequestInvalidDeflatedThenSaml2AuthenticationException() {
    MockHttpServletRequest getRequest = new MockHttpServletRequest();
    getRequest.setMethod("GET");
    // Encode bytes that were never deflated, so the encoding step succeeds and
    // only the inflate step can fail.
    String samlResponse = Saml2Utils.samlEncode("invalid".getBytes());
    getRequest.setParameter(Saml2ParameterNames.SAML_RESPONSE, samlResponse);

    given(this.relyingPartyRegistrationResolver.convert(any(HttpServletRequest.class)))
            .willReturn(this.relyingPartyRegistration);
    Saml2AuthenticationTokenConverter tokenConverter = new Saml2AuthenticationTokenConverter(
            this.relyingPartyRegistrationResolver);

    assertThatExceptionOfType(Saml2AuthenticationException.class)
            .isThrownBy(() -> tokenConverter.convert(getRequest))
            .withCauseInstanceOf(IOException.class)
            .satisfies((failure) -> assertThat(failure.getSaml2Error().getErrorCode())
                    .isEqualTo(Saml2ErrorCodes.INVALID_RESPONSE))
            .satisfies((failure) -> assertThat(failure.getSaml2Error().getDescription())
                    .isEqualTo("Unable to inflate string"));
}
use of org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter in project spring-security by spring-projects.
the class Saml2AuthenticationTokenConverterTests method convertWhenSamlResponseInvalidBase64ThenSaml2AuthenticationException.
/**
 * Checks that a {@code SAMLResponse} parameter that cannot be decoded is rejected
 * with a {@link Saml2AuthenticationException}: cause
 * {@link IllegalArgumentException}, error code
 * {@link Saml2ErrorCodes#INVALID_RESPONSE}, description "Failed to decode SAMLResponse".
 */
@Test
public void convertWhenSamlResponseInvalidBase64ThenSaml2AuthenticationException() {
    // No HTTP method is set on this request; only the parameter value matters here.
    MockHttpServletRequest badRequest = new MockHttpServletRequest();
    badRequest.setParameter(Saml2ParameterNames.SAML_RESPONSE, "invalid");

    given(this.relyingPartyRegistrationResolver.convert(any(HttpServletRequest.class)))
            .willReturn(this.relyingPartyRegistration);
    Saml2AuthenticationTokenConverter tokenConverter = new Saml2AuthenticationTokenConverter(
            this.relyingPartyRegistrationResolver);

    assertThatExceptionOfType(Saml2AuthenticationException.class)
            .isThrownBy(() -> tokenConverter.convert(badRequest))
            .withCauseInstanceOf(IllegalArgumentException.class)
            .satisfies((failure) -> assertThat(failure.getSaml2Error().getErrorCode())
                    .isEqualTo(Saml2ErrorCodes.INVALID_RESPONSE))
            .satisfies((failure) -> assertThat(failure.getSaml2Error().getDescription())
                    .isEqualTo("Failed to decode SAMLResponse"));
}
use of org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter in project spring-security by spring-projects.
the class Saml2AuthenticationTokenConverterTests method convertWhenGetRequestThenInflates.
/**
 * Checks the round trip for a GET request: a payload that was deflated and then
 * SAML-encoded comes back from the converter as the original string, and the
 * resulting token carries the relying party registration supplied by the resolver.
 */
@Test
public void convertWhenGetRequestThenInflates() {
    MockHttpServletRequest getRequest = new MockHttpServletRequest();
    getRequest.setMethod("GET");
    // Deflate first, then encode, so the converter has to reverse both steps.
    String samlResponse = Saml2Utils.samlEncode(Saml2Utils.samlDeflate("response"));
    getRequest.setParameter(Saml2ParameterNames.SAML_RESPONSE, samlResponse);

    given(this.relyingPartyRegistrationResolver.convert(any(HttpServletRequest.class)))
            .willReturn(this.relyingPartyRegistration);
    Saml2AuthenticationTokenConverter tokenConverter = new Saml2AuthenticationTokenConverter(
            this.relyingPartyRegistrationResolver);

    Saml2AuthenticationToken result = tokenConverter.convert(getRequest);

    assertThat(result.getSaml2Response()).isEqualTo("response");
    String expectedRegistrationId = this.relyingPartyRegistration.getRegistrationId();
    assertThat(result.getRelyingPartyRegistration().getRegistrationId()).isEqualTo(expectedRegistrationId);
}