
Example 1 with Saml2MetadataFilter

use of org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter in project spring-security by spring-projects.

the class Saml2MetadataFilterTests method doFilterWhenSetMetadataFilenameThenUses.

/**
 * Checks that a filename template set through {@code setMetadataFilename} ends up in the
 * {@code Content-Disposition} header of the metadata response, with the
 * {@code {registrationId}} placeholder replaced by the registration's id.
 *
 * <p>The expected header carries the name twice: once in the quoted {@code filename}
 * parameter and once URL-encoded in {@code filename*}.
 */
@Test
public void doFilterWhenSetMetadataFilenameThenUses() throws Exception {
    String filenameTemplate = "test-{registrationId}-metadata.xml";
    String metadataBody = "<xml>test</xml>";
    RelyingPartyRegistration validRegistration = TestRelyingPartyRegistrations.full().build();

    // Expected values are derived from the same template the filter is given below.
    String expectedName = filenameTemplate.replace("{registrationId}", validRegistration.getRegistrationId());
    String expectedEncodedName = URLEncoder.encode(expectedName, StandardCharsets.UTF_8.name());

    this.request.setPathInfo("/saml2/service-provider-metadata/registration-id");
    given(this.resolver.resolve(validRegistration)).willReturn(metadataBody);

    // The registration resolver is stubbed to return the registration for any request.
    this.filter = new Saml2MetadataFilter((request) -> validRegistration, this.resolver);
    this.filter.setMetadataFilename(filenameTemplate);
    this.filter.doFilter(this.request, this.response, this.chain);

    // NOTE(review): the quoted filename parameter is compared against the unencoded name, so
    // this test does not cover ids containing quotes or line breaks - confirm how the filter
    // treats such ids before relying on ids that are not fixed configuration values.
    assertThat(this.response.getHeaderValue(HttpHeaders.CONTENT_DISPOSITION))
            .asString()
            .isEqualTo("attachment; filename=\"%s\"; filename*=UTF-8''%s", expectedName, expectedEncodedName);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) Saml2MetadataResolver(org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResolver) MockFilterChain(org.springframework.mock.web.MockFilterChain) HttpHeaders(org.springframework.http.HttpHeaders) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) FilterChain(jakarta.servlet.FilterChain) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TestSaml2X509Credentials(org.springframework.security.saml2.core.TestSaml2X509Credentials) StandardCharsets(java.nio.charset.StandardCharsets) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Mockito.verify(org.mockito.Mockito.verify) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) Test(org.junit.jupiter.api.Test) URLEncoder(java.net.URLEncoder) BDDMockito.given(org.mockito.BDDMockito.given) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Mockito.mock(org.mockito.Mockito.mock) Test(org.junit.jupiter.api.Test)

Example 2 with Saml2MetadataFilter

use of org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter in project spring-security by spring-projects.

the class Saml2MetadataFilterTests method doFilterWhenPathStartsWithRegistrationIdThenServesMetadata.

/**
 * Checks that a request matching a custom request matcher ({@code /metadata}) makes the
 * filter look up the relying party registration in the repository.
 *
 * <p>The repository lambda handed to {@code DefaultRelyingPartyRegistrationResolver} ignores
 * the id it receives and always asks for {@code "registration-id"}, so the only thing pinned
 * here is that a lookup happens. The response status and body are not asserted.
 */
@Test
public void doFilterWhenPathStartsWithRegistrationIdThenServesMetadata() throws Exception {
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().build();
    given(this.repository.findByRegistrationId("registration-id")).willReturn(registration);
    given(this.resolver.resolve(any())).willReturn("metadata");

    // Named differently from the metadata resolver held in this.resolver to keep the two apart.
    RelyingPartyRegistrationResolver registrationResolver = new DefaultRelyingPartyRegistrationResolver(
            (id) -> this.repository.findByRegistrationId("registration-id"));
    this.filter = new Saml2MetadataFilter(registrationResolver, this.resolver);
    this.filter.setRequestMatcher(new AntPathRequestMatcher("/metadata"));

    this.request.setPathInfo("/metadata");
    this.filter.doFilter(this.request, this.response, new MockFilterChain());

    verify(this.repository).findByRegistrationId("registration-id");
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) MockFilterChain(org.springframework.mock.web.MockFilterChain) Test(org.junit.jupiter.api.Test)

Example 3 with Saml2MetadataFilter

use of org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter in project midpoint by Evolveum.

the class SamlModuleWebSecurityConfigurer method configure.

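/**
 * Configures the SAML2 module on the given {@link HttpSecurity}: applies the login configurer
 * (relying party registrations, login processing URL, success and failure handlers), sets its
 * authentication manager, and registers a {@link Saml2MetadataFilter} after the
 * {@link Saml2WebSsoAuthenticationFilter}.
 *
 * @param http the security builder for this module
 * @throws Exception if the parent configuration or any of the builder calls fails
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    super.configure(http);
    MidpointSaml2LoginConfigurer configurer = new MidpointSaml2LoginConfigurer<>(auditProvider);
    configurer.relyingPartyRegistrationRepository(relyingPartyRegistrations())
            .loginProcessingUrl(getConfiguration().getPrefixOfModule() + SamlModuleWebSecurityConfiguration.SSO_LOCATION_URL_SUFFIX)
            .successHandler(getObjectPostProcessor().postProcess(new MidPointAuthenticationSuccessHandler()))
            .failureHandler(new MidpointAuthenticationFailureHandler());
    try {
        configurer.authenticationManager(new ProviderManager(Collections.emptyList(), authenticationManager()));
    } catch (Exception e) {
        // Pass the exception to the logger so the cause of a broken authentication setup is
        // visible in the log instead of being reduced to a bare message.
        // NOTE(review): configuration continues without an explicitly set authentication
        // manager after this failure - confirm that the module cannot accept logins in that
        // state, or fail startup here instead.
        LOGGER.error("Couldn't initialize authentication manager for saml2 module", e);
    }
    getOrApply(http, configurer);

    // Service-provider metadata is served under <module prefix>/metadata/* by a filter placed
    // after the SSO authentication filter.
    Saml2MetadataFilter filter = new Saml2MetadataFilter(
            new MidpointMetadataRelyingPartyRegistrationResolver(relyingPartyRegistrations()),
            new OpenSamlMetadataResolver());
    filter.setRequestMatcher(new AntPathRequestMatcher(getConfiguration().getPrefixOfModule() + "/metadata/*"));
    http.addFilterAfter(filter, Saml2WebSsoAuthenticationFilter.class);
}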
Also used : MidPointAuthenticationSuccessHandler(com.evolveum.midpoint.authentication.impl.handler.MidPointAuthenticationSuccessHandler) MidpointAuthenticationFailureHandler(com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler) Saml2MetadataFilter(org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter) ProviderManager(org.springframework.security.authentication.ProviderManager) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) MidpointSaml2LoginConfigurer(com.evolveum.midpoint.authentication.impl.saml.MidpointSaml2LoginConfigurer) MidpointMetadataRelyingPartyRegistrationResolver(com.evolveum.midpoint.authentication.impl.saml.MidpointMetadataRelyingPartyRegistrationResolver) OpenSamlMetadataResolver(org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver)

Example 4 with Saml2MetadataFilter

use of org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter in project spring-security by spring-projects.

the class Saml2MetadataFilterTests method doFilterWhenRelyingPartyRegistrationFoundThenInvokesMetadataResolver.

/**
 * Checks the success path of the metadata filter: when a relying party registration is
 * resolved for the request, the filter asks the metadata resolver for that registration,
 * writes the returned metadata with status 200, and does not pass the request on to the
 * filter chain.
 */
@Test
public void doFilterWhenRelyingPartyRegistrationFoundThenInvokesMetadataResolver() throws Exception {
    String metadataBody = "<xml>test</xml>";
    this.request.setPathInfo("/saml2/service-provider-metadata/validRegistration");

    // Registration without relying-party credentials; the asserting party gets a single
    // verification credential taken from the test fixtures.
    RelyingPartyRegistration validRegistration = TestRelyingPartyRegistrations.noCredentials()
            .assertingPartyDetails((party) -> party.verificationX509Credentials(
                    (c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())))
            .build();
    given(this.resolver.resolve(validRegistration)).willReturn(metadataBody);

    // The registration resolver is stubbed to return the registration for any request.
    this.filter = new Saml2MetadataFilter((request) -> validRegistration, this.resolver);
    this.filter.doFilter(this.request, this.response, this.chain);

    // The filter answers the request itself, so the chain must stay untouched.
    verifyNoInteractions(this.chain);
    assertThat(this.response.getStatus()).isEqualTo(200);
    assertThat(this.response.getContentAsString()).isEqualTo(metadataBody);
    verify(this.resolver).resolve(validRegistration);
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) Saml2MetadataResolver(org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResolver) MockFilterChain(org.springframework.mock.web.MockFilterChain) HttpHeaders(org.springframework.http.HttpHeaders) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) FilterChain(jakarta.servlet.FilterChain) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TestSaml2X509Credentials(org.springframework.security.saml2.core.TestSaml2X509Credentials) StandardCharsets(java.nio.charset.StandardCharsets) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Mockito.verify(org.mockito.Mockito.verify) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) Test(org.junit.jupiter.api.Test) URLEncoder(java.net.URLEncoder) BDDMockito.given(org.mockito.BDDMockito.given) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Mockito.mock(org.mockito.Mockito.mock) Test(org.junit.jupiter.api.Test)

Example 5 with Saml2MetadataFilter

use of org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter in project spring-security by spring-projects.

the class Saml2MetadataFilterTests method setup.

/**
 * Builds fresh fixtures before each test: mocked repository, metadata resolver and filter
 * chain, mock servlet request and response, and a {@link Saml2MetadataFilter} whose
 * registrations are resolved from the mocked repository.
 */
@BeforeEach
public void setup() {
    // Collaborators are mocks, so each test stubs only the lookups it needs.
    this.repository = mock(RelyingPartyRegistrationRepository.class);
    this.resolver = mock(Saml2MetadataResolver.class);
    this.chain = mock(FilterChain.class);

    this.request = new MockHttpServletRequest();
    this.response = new MockHttpServletResponse();

    RelyingPartyRegistrationResolver registrationResolver = new DefaultRelyingPartyRegistrationResolver(this.repository);
    this.filter = new Saml2MetadataFilter(registrationResolver, this.resolver);
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockFilterChain(org.springframework.mock.web.MockFilterChain) FilterChain(jakarta.servlet.FilterChain) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) Saml2MetadataResolver(org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResolver) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) BeforeEach(org.junit.jupiter.api.BeforeEach)

Aggregations

MockFilterChain (org.springframework.mock.web.MockFilterChain)4 AntPathRequestMatcher (org.springframework.security.web.util.matcher.AntPathRequestMatcher)4 FilterChain (jakarta.servlet.FilterChain)3 BeforeEach (org.junit.jupiter.api.BeforeEach)3 Test (org.junit.jupiter.api.Test)3 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)3 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)3 Saml2MetadataResolver (org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResolver)3 RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)3 RelyingPartyRegistrationRepository (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository)3 URLEncoder (java.net.URLEncoder)2 StandardCharsets (java.nio.charset.StandardCharsets)2 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)2 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)2 Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException)2 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)2 BDDMockito.given (org.mockito.BDDMockito.given)2 Mockito.mock (org.mockito.Mockito.mock)2 Mockito.verify (org.mockito.Mockito.verify)2 Mockito.verifyNoInteractions (org.mockito.Mockito.verifyNoInteractions)2