Search in sources :

Example 6 with AuthenticationConverter

use of org.springframework.security.web.authentication.AuthenticationConverter in project spring-security by spring-projects.

the class Saml2WebSsoAuthenticationFilterTests method attemptAuthenticationAddsDetails.

@Test
public void attemptAuthenticationAddsDetails() {
    AuthenticationConverter authenticationConverter = mock(AuthenticationConverter.class);
    final Saml2AuthenticationToken token = TestSaml2AuthenticationTokens.token();
    given(authenticationConverter.convert(this.request)).willReturn(token);
    final AuthenticationDetailsSource authenticationDetailsSource = mock(AuthenticationDetailsSource.class);
    final WebAuthenticationDetails details = mock(WebAuthenticationDetails.class);
    given(authenticationDetailsSource.buildDetails(this.request)).willReturn(details);
    this.filter = new Saml2WebSsoAuthenticationFilter(authenticationConverter, "/some/other/path/{registrationId}");
    this.filter.setAuthenticationManager((authentication) -> null);
    this.filter.setAuthenticationDetailsSource(authenticationDetailsSource);
    this.request.setPathInfo("/some/other/path/idp-registration-id");
    this.filter.attemptAuthentication(this.request, this.response);
    Assertions.assertEquals(details, token.getDetails());
}
Also used : AuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter) AuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource) WebAuthenticationDetails(org.springframework.security.web.authentication.WebAuthenticationDetails) Saml2AuthenticationToken(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 7 with AuthenticationConverter

use of org.springframework.security.web.authentication.AuthenticationConverter in project spring-security by spring-projects.

the class Saml2WebSsoAuthenticationFilterTests method doFilterWhenPathStartsWithRegistrationIdThenAuthenticates.

@Test
public void doFilterWhenPathStartsWithRegistrationIdThenAuthenticates() throws Exception {
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().build();
    Authentication authentication = new TestingAuthenticationToken("user", "password");
    given(this.repository.findByRegistrationId("registration-id")).willReturn(registration);
    given(this.authenticationManager.authenticate(authentication)).willReturn(authentication);
    String loginProcessingUrl = "/{registrationId}/login/saml2/sso";
    RequestMatcher matcher = new AntPathRequestMatcher(loginProcessingUrl);
    DefaultRelyingPartyRegistrationResolver delegate = new DefaultRelyingPartyRegistrationResolver(this.repository);
    RelyingPartyRegistrationResolver resolver = (request, id) -> {
        String registrationId = matcher.matcher(request).getVariables().get("registrationId");
        return delegate.resolve(request, registrationId);
    };
    Saml2AuthenticationTokenConverter authenticationConverter = new Saml2AuthenticationTokenConverter(resolver);
    this.filter = new Saml2WebSsoAuthenticationFilter(authenticationConverter, loginProcessingUrl);
    this.filter.setAuthenticationManager(this.authenticationManager);
    this.request.setPathInfo("/registration-id/login/saml2/sso");
    this.request.setParameter(Saml2ParameterNames.SAML_RESPONSE, "response");
    this.filter.doFilter(this.request, this.response, new MockFilterChain());
    verify(this.repository).findByRegistrationId("registration-id");
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2AuthenticationRequestRepository(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository) WebAuthenticationDetails(org.springframework.security.web.authentication.WebAuthenticationDetails) BeforeEach(org.junit.jupiter.api.BeforeEach) MockFilterChain(org.springframework.mock.web.MockFilterChain) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) Assertions.assertThatNoException(org.assertj.core.api.Assertions.assertThatNoException) BDDMockito.given(org.mockito.BDDMockito.given) AbstractSaml2AuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest) AuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) Saml2AuthenticationToken(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) TestSaml2AuthenticationTokens(org.springframework.security.saml2.provider.service.authentication.TestSaml2AuthenticationTokens) Saml2AuthenticationTokenConverter(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) Saml2ParameterNames(org.springframework.security.saml2.core.Saml2ParameterNames) Assertions(org.junit.jupiter.api.Assertions) AuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) Saml2AuthenticationException(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) Authentication(org.springframework.security.core.Authentication) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Mockito.mock(org.mockito.Mockito.mock) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Saml2AuthenticationTokenConverter(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter) Authentication(org.springframework.security.core.Authentication) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) MockFilterChain(org.springframework.mock.web.MockFilterChain) Test(org.junit.jupiter.api.Test)

Example 8 with AuthenticationConverter

use of org.springframework.security.web.authentication.AuthenticationConverter in project spring-security by spring-projects.

the class Saml2WebSsoAuthenticationFilterTests method attemptAuthenticationWhenAuthenticationNotAbstractAuthenticationTokenDoesNotAddDetails.

@Test
public void attemptAuthenticationWhenAuthenticationNotAbstractAuthenticationTokenDoesNotAddDetails() {
    AuthenticationConverter authenticationConverter = mock(AuthenticationConverter.class);
    final Authentication authenticationWithoutDetails = mock(Authentication.class);
    given(authenticationConverter.convert(this.request)).willReturn(authenticationWithoutDetails);
    final AuthenticationDetailsSource authenticationDetailsSource = mock(AuthenticationDetailsSource.class);
    this.filter = new Saml2WebSsoAuthenticationFilter(authenticationConverter, "/some/other/path/{registrationId}");
    this.filter.setAuthenticationManager((authentication) -> null);
    this.filter.setAuthenticationDetailsSource(authenticationDetailsSource);
    this.request.setPathInfo("/some/other/path/idp-registration-id");
    assertThatNoException().isThrownBy(() -> this.filter.attemptAuthentication(this.request, this.response));
    verifyNoInteractions(authenticationDetailsSource);
}
Also used : AuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter) AuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource) Authentication(org.springframework.security.core.Authentication) Test(org.junit.jupiter.api.Test)

Aggregations

Test (org.junit.jupiter.api.Test)8 AuthenticationConverter (org.springframework.security.web.authentication.AuthenticationConverter)8 AbstractSaml2AuthenticationRequest (org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest)5 HttpServletResponse (jakarta.servlet.http.HttpServletResponse)3 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)3 Assertions (org.junit.jupiter.api.Assertions)3 BeforeEach (org.junit.jupiter.api.BeforeEach)3 BDDMockito.given (org.mockito.BDDMockito.given)3 Mockito.mock (org.mockito.Mockito.mock)3 Mockito.verify (org.mockito.Mockito.verify)3 Mockito.verifyNoInteractions (org.mockito.Mockito.verifyNoInteractions)3 MockFilterChain (org.springframework.mock.web.MockFilterChain)3 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)3 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)3 AuthenticationDetailsSource (org.springframework.security.authentication.AuthenticationDetailsSource)3 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)3 Authentication (org.springframework.security.core.Authentication)3 Saml2AuthenticationToken (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken)3 ServletException (jakarta.servlet.ServletException)2 HttpServletRequest (jakarta.servlet.http.HttpServletRequest)2