Example 1 with SamlAuthnResponseTranslatorDto

Use of uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto in project verify-hub by alphagov.

Class SessionResourceAuthnResponseFromIdpIntegrationTests, method responsePost_shouldHandAuthnSuccessResponse.

@Test
public void responsePost_shouldHandAuthnSuccessResponse() throws Exception {
    LevelOfAssurance loaAchieved = LevelOfAssurance.LEVEL_2;
    samlEngineStub.setupStubForIdpAuthnResponseTranslate(InboundResponseFromIdpDtoBuilder.successResponse(idpEntityId, loaAchieved));
    samlEngineStub.setupStubForAttributeQueryRequest(AttributeQueryContainerDtoBuilder.anAttributeQueryContainerDto().build());
    samlSoapProxyStub.setUpStubForSendHubMatchingServiceRequest(sessionId);
    Response response = postIdpResponse(sessionId, samlResponseDto);
    ResponseAction expected = ResponseAction.success(sessionId, true, loaAchieved, null);
    ResponseAction actualResponseAction = response.readEntity(ResponseAction.class);
    assertThat(actualResponseAction).isEqualToComparingFieldByField(expected);
    SamlAuthnResponseTranslatorDto samlAuthnResponseTranslatorDto = samlEngineStub.getSamlAuthnResponseTranslatorDto(policyApp.getObjectMapper());
    assertThat(samlAuthnResponseTranslatorDto.getMatchingServiceEntityId()).isEqualTo(matchingServiceEntityId);
}
Also used : LevelOfAssurance(uk.gov.ida.hub.policy.domain.LevelOfAssurance) Response(javax.ws.rs.core.Response) SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto) ResponseAction(uk.gov.ida.hub.policy.domain.ResponseAction) Test(org.junit.jupiter.api.Test)

Example 2 with SamlAuthnResponseTranslatorDto

Use of uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto in project verify-hub by alphagov.

Class AuthnResponseFromIdpServiceTest, method shouldSendRequestToMatchingServiceViaAttributeQueryServiceAndUpdateSessionStateWhenSuccessfulResponseIsReceived.

@Test
public void shouldSendRequestToMatchingServiceViaAttributeQueryServiceAndUpdateSessionStateWhenSuccessfulResponseIsReceived() {
    // Given
    final String msaEntityId = "a-msa-entity-id";
    LevelOfAssurance loaAchieved = LevelOfAssurance.LEVEL_2;
    stub(idpSelectedStateController.isRegistrationContext()).toReturn(REGISTERING);
    when(idpSelectedStateController.getMatchingServiceEntityId()).thenReturn(msaEntityId);
    InboundResponseFromIdpDto successResponseFromIdp = InboundResponseFromIdpDtoBuilder.successResponse(UUID.randomUUID().toString(), loaAchieved);
    SamlAuthnResponseTranslatorDto samlAuthnResponseTranslatorDto = SamlAuthnResponseTranslatorDtoBuilder.aSamlAuthnResponseTranslatorDto().build();
    when(samlAuthnResponseTranslatorDtoFactory.fromSamlAuthnResponseContainerDto(samlAuthnResponseContainerDto, msaEntityId)).thenReturn(samlAuthnResponseTranslatorDto);
    stub(samlEngineProxy.translateAuthnResponseFromIdp(any(SamlAuthnResponseTranslatorDto.class))).toReturn(successResponseFromIdp);
    AttributeQueryRequestDto attributeQueryRequestDto = AttributeQueryRequestBuilder.anAttributeQueryRequest().build();
    stub(idpSelectedStateController.createAttributeQuery(any(SuccessFromIdp.class))).toReturn(attributeQueryRequestDto);
    AttributeQueryContainerDto msaRequest = AttributeQueryContainerDtoBuilder.anAttributeQueryContainerDto().build();
    stub(samlEngineProxy.generateAttributeQuery(attributeQueryRequestDto)).toReturn(msaRequest);
    // When
    ResponseAction responseAction = service.receiveAuthnResponseFromIdp(sessionId, samlAuthnResponseContainerDto);
    // Then
    verify(samlAuthnResponseTranslatorDtoFactory).fromSamlAuthnResponseContainerDto(samlAuthnResponseContainerDto, msaEntityId);
    verify(attributeQueryService).sendAttributeQueryRequest(sessionId, attributeQueryRequestDto);
    verifyIdpStateControllerIsCalledWithRightDataOnSuccess(successResponseFromIdp);
    ResponseAction expectedResponseAction = ResponseAction.success(sessionId, REGISTERING, loaAchieved);
    assertThat(responseAction).isEqualToComparingFieldByField(expectedResponseAction);
}
Also used : LevelOfAssurance(uk.gov.ida.hub.policy.domain.LevelOfAssurance) SuccessFromIdp(uk.gov.ida.hub.policy.domain.SuccessFromIdp) AttributeQueryContainerDto(uk.gov.ida.hub.policy.contracts.AttributeQueryContainerDto) InboundResponseFromIdpDto(uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto) SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto) AttributeQueryRequestDto(uk.gov.ida.hub.policy.contracts.AttributeQueryRequestDto) ResponseAction(uk.gov.ida.hub.policy.domain.ResponseAction) Test(org.junit.Test)

Example 3 with SamlAuthnResponseTranslatorDto

Use of uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto in project verify-hub by alphagov.

Class AuthnResponseFromCountryService, method receiveAuthnResponseFromCountry.

public ResponseAction receiveAuthnResponseFromCountry(SessionId sessionId, SamlAuthnResponseContainerDto responseFromCountry) {
    CountrySelectedStateController stateController = (CountrySelectedStateController) sessionRepository.getStateController(sessionId, CountrySelectedState.class);
    String matchingServiceEntityId = stateController.getMatchingServiceEntityId();
    stateController.validateCountryIsIn(countriesService.getCountries(sessionId));
    SamlAuthnResponseTranslatorDto responseToTranslate = samlAuthnResponseTranslatorDtoFactory.fromSamlAuthnResponseContainerDto(responseFromCountry, matchingServiceEntityId);
    InboundResponseFromCountry translatedResponse = samlEngineProxy.translateAuthnResponseFromCountry(responseToTranslate);
    if (translatedResponse.getStatus() != IdpIdaStatus.Status.Success)
        return other(sessionId, false);
    validateSuccessfulResponse(stateController, translatedResponse);
    EidasAttributeQueryRequestDto eidasAttributeQueryRequestDto = getEidasAttributeQueryRequestDto(stateController, translatedResponse);
    stateController.transitionToEidasCycle0And1MatchRequestSentState(eidasAttributeQueryRequestDto, responseFromCountry.getPrincipalIPAddressAsSeenByHub(), translatedResponse.getIssuer());
    AttributeQueryContainerDto aqr = samlEngineProxy.generateEidasAttributeQuery(eidasAttributeQueryRequestDto);
    samlSoapProxyProxy.sendHubMatchingServiceRequest(sessionId, getAttributeQueryRequest(aqr));
    return ResponseAction.success(sessionId, false, LevelOfAssurance.LEVEL_2);
}
Also used : AttributeQueryContainerDto(uk.gov.ida.hub.policy.contracts.AttributeQueryContainerDto) InboundResponseFromCountry(uk.gov.ida.hub.policy.domain.InboundResponseFromCountry) SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto) CountrySelectedState(uk.gov.ida.hub.policy.domain.state.CountrySelectedState) CountrySelectedStateController(uk.gov.ida.hub.policy.domain.controller.CountrySelectedStateController) EidasAttributeQueryRequestDto(uk.gov.ida.hub.policy.contracts.EidasAttributeQueryRequestDto)

Example 4 with SamlAuthnResponseTranslatorDto

Use of uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto in project verify-hub by alphagov.

Class AuthnResponseFromIdpService, method receiveAuthnResponseFromIdp.

public ResponseAction receiveAuthnResponseFromIdp(SessionId sessionId, SamlAuthnResponseContainerDto samlResponseDto) {
    IdpSelectedStateController idpSelectedController = (IdpSelectedStateController) sessionRepository.getStateController(sessionId, IdpSelectedState.class);
    boolean matchingJourney = idpSelectedController.isMatchingJourney();
    // Encryption target: the matching service on a matching journey, otherwise the request issuer.
    String entityToEncryptFor = matchingJourney ? idpSelectedController.getMatchingServiceEntityId() : idpSelectedController.getRequestIssuerId();
    final SamlAuthnResponseTranslatorDto samlAuthnResponseTranslatorDto = samlAuthnResponseTranslatorDtoFactory.fromSamlAuthnResponseContainerDto(samlResponseDto, entityToEncryptFor);
    final InboundResponseFromIdpDto idaResponseFromIdpDto = samlEngineProxy.translateAuthnResponseFromIdp(samlAuthnResponseTranslatorDto);
    final String principalIPAddressAsSeenByHub = samlResponseDto.getPrincipalIPAddressAsSeenByHub();
    ResponseAction responseAction;
    if (isFraudulent(idaResponseFromIdpDto)) {
        responseAction = handleFraudResponse(idaResponseFromIdpDto, sessionId, principalIPAddressAsSeenByHub, idpSelectedController, samlResponseDto.getAnalyticsSessionId(), samlResponseDto.getJourneyType());
    } else {
        responseAction = handleNonFraudResponse(idaResponseFromIdpDto, sessionId, principalIPAddressAsSeenByHub, matchingJourney, idpSelectedController, samlResponseDto.getAnalyticsSessionId(), samlResponseDto.getJourneyType());
    }
    return responseAction;
}
Also used : IdpSelectedStateController(uk.gov.ida.hub.policy.domain.controller.IdpSelectedStateController) InboundResponseFromIdpDto(uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto) SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto) IdpSelectedState(uk.gov.ida.hub.policy.domain.state.IdpSelectedState) ResponseAction(uk.gov.ida.hub.policy.domain.ResponseAction)

Example 5 with SamlAuthnResponseTranslatorDto

Use of uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto in project verify-hub by alphagov.

Class AuthnResponseFromIdpServiceTest, method mockOutStubs.

private void mockOutStubs(boolean isRegistering, boolean isMatchingJourney, InboundResponseFromIdpDto responseFromIdpDto) {
    when(idpSelectedStateController.isRegistrationContext()).thenReturn(isRegistering);
    when(idpSelectedStateController.getMatchingServiceEntityId()).thenReturn(MSA_ENTITY_ID);
    when(idpSelectedStateController.getRequestIssuerId()).thenReturn(REQUEST_ISSUER_ID);
    when(idpSelectedStateController.isMatchingJourney()).thenReturn(isMatchingJourney);
    SamlAuthnResponseTranslatorDto samlAuthnResponseTranslatorDto = SamlAuthnResponseTranslatorDtoBuilder.aSamlAuthnResponseTranslatorDto().build();
    when(samlAuthnResponseTranslatorDtoFactory.fromSamlAuthnResponseContainerDto(samlAuthnResponseContainerDto, MSA_ENTITY_ID)).thenReturn(samlAuthnResponseTranslatorDto);
    if (isMatchingJourney) {
        when(samlAuthnResponseTranslatorDtoFactory.fromSamlAuthnResponseContainerDto(samlAuthnResponseContainerDto, MSA_ENTITY_ID)).thenReturn(samlAuthnResponseTranslatorDto);
    } else {
        when(samlAuthnResponseTranslatorDtoFactory.fromSamlAuthnResponseContainerDto(samlAuthnResponseContainerDto, REQUEST_ISSUER_ID)).thenReturn(samlAuthnResponseTranslatorDto);
    }
    when(samlEngineProxy.translateAuthnResponseFromIdp(any(SamlAuthnResponseTranslatorDto.class))).thenReturn(responseFromIdpDto);
}
Also used : SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto)

Aggregations

SamlAuthnResponseTranslatorDto (uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto): 5
ResponseAction (uk.gov.ida.hub.policy.domain.ResponseAction): 3
AttributeQueryContainerDto (uk.gov.ida.hub.policy.contracts.AttributeQueryContainerDto): 2
InboundResponseFromIdpDto (uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto): 2
LevelOfAssurance (uk.gov.ida.hub.policy.domain.LevelOfAssurance): 2
Response (javax.ws.rs.core.Response): 1
Test (org.junit.Test): 1
Test (org.junit.jupiter.api.Test): 1
AttributeQueryRequestDto (uk.gov.ida.hub.policy.contracts.AttributeQueryRequestDto): 1
EidasAttributeQueryRequestDto (uk.gov.ida.hub.policy.contracts.EidasAttributeQueryRequestDto): 1
InboundResponseFromCountry (uk.gov.ida.hub.policy.domain.InboundResponseFromCountry): 1
SuccessFromIdp (uk.gov.ida.hub.policy.domain.SuccessFromIdp): 1
CountrySelectedStateController (uk.gov.ida.hub.policy.domain.controller.CountrySelectedStateController): 1
IdpSelectedStateController (uk.gov.ida.hub.policy.domain.controller.IdpSelectedStateController): 1
CountrySelectedState (uk.gov.ida.hub.policy.domain.state.CountrySelectedState): 1
IdpSelectedState (uk.gov.ida.hub.policy.domain.state.IdpSelectedState): 1