Example 1 with LevelOfAssurance

use of uk.gov.ida.hub.policy.domain.LevelOfAssurance in project verify-hub by alphagov.

the class AuthnResponseFromIdpService method handleSuccessResponse.

private ResponseAction handleSuccessResponse(InboundResponseFromIdpDto inboundResponseFromIdpDto, SessionId sessionId, String principalIPAddressAsSeenByHub, IdpSelectedStateController idpSelectedStateController) {
    // Optional.get() throws if the IdP response carries no level of assurance.
    LevelOfAssurance loaAchieved = inboundResponseFromIdpDto.getLevelOfAssurance().get();
    SuccessFromIdp successFromIdp = new SuccessFromIdp(
            inboundResponseFromIdpDto.getIssuer(),
            inboundResponseFromIdpDto.getEncryptedMatchingDatasetAssertion().get(),
            inboundResponseFromIdpDto.getAuthnStatementAssertionBlob().get(),
            new PersistentId(inboundResponseFromIdpDto.getPersistentId().get()),
            loaAchieved,
            principalIPAddressAsSeenByHub,
            inboundResponseFromIdpDto.getPrincipalIpAddressAsSeenByIdp());
    AttributeQueryRequestDto attributeQuery = idpSelectedStateController.createAttributeQuery(successFromIdp);
    idpSelectedStateController.handleSuccessResponseFromIdp(successFromIdp);
    attributeQueryService.sendAttributeQueryRequest(sessionId, attributeQuery);
    return success(sessionId, idpSelectedStateController.isRegistrationContext(), loaAchieved);
}
Also used : LevelOfAssurance(uk.gov.ida.hub.policy.domain.LevelOfAssurance) SuccessFromIdp(uk.gov.ida.hub.policy.domain.SuccessFromIdp) AttributeQueryRequestDto(uk.gov.ida.hub.policy.contracts.AttributeQueryRequestDto) PersistentId(uk.gov.ida.hub.policy.domain.PersistentId)

Example 2 with LevelOfAssurance

use of uk.gov.ida.hub.policy.domain.LevelOfAssurance in project verify-hub by alphagov.

the class SessionServiceTest method shouldGetLevelOfAssurance.

@Test
public void shouldGetLevelOfAssurance() throws Exception {
    SessionId sessionId = createNewSessionId();
    when(sessionRepository.sessionExists(sessionId)).thenReturn(true);
    final Optional<LevelOfAssurance> loa = Optional.of(LevelOfAssurance.LEVEL_1);
    when(sessionRepository.getLevelOfAssuranceFromIdp(sessionId)).thenReturn(loa);
    assertThat(service.getLevelOfAssurance(sessionId)).isEqualTo(loa);
}
Also used : LevelOfAssurance(uk.gov.ida.hub.policy.domain.LevelOfAssurance) SessionId(uk.gov.ida.hub.policy.domain.SessionId) SessionId.createNewSessionId(uk.gov.ida.hub.policy.domain.SessionId.createNewSessionId) Test(org.junit.Test)

Example 3 with LevelOfAssurance

use of uk.gov.ida.hub.policy.domain.LevelOfAssurance in project verify-hub by alphagov.

the class SessionResourceAuthnResponseFromIdpIntegrationTests method responsePost_shouldHandAuthnSuccessResponse.

@Test
public void responsePost_shouldHandAuthnSuccessResponse() throws Exception {
    LevelOfAssurance loaAchieved = LevelOfAssurance.LEVEL_2;
    samlEngineStub.setupStubForIdpAuthnResponseTranslate(InboundResponseFromIdpDtoBuilder.successResponse(idpEntityId, loaAchieved));
    samlEngineStub.setupStubForAttributeQueryRequest(AttributeQueryContainerDtoBuilder.anAttributeQueryContainerDto().build());
    samlSoapProxyStub.setUpStubForSendHubMatchingServiceRequest(sessionId);
    Response response = postIdpResponse(sessionId, samlResponseDto);
    ResponseAction expected = ResponseAction.success(sessionId, true, loaAchieved);
    ResponseAction actualResponseAction = response.readEntity(ResponseAction.class);
    assertThat(actualResponseAction).isEqualToComparingFieldByField(expected);
    SamlAuthnResponseTranslatorDto samlAuthnResponseTranslatorDto = samlEngineStub.getSamlAuthnResponseTranslatorDto(policy.getObjectMapper());
    assertThat(samlAuthnResponseTranslatorDto.getMatchingServiceEntityId()).isEqualTo(matchingServiceEntityId);
}
Also used : LevelOfAssurance(uk.gov.ida.hub.policy.domain.LevelOfAssurance) Response(javax.ws.rs.core.Response) SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto) ResponseAction(uk.gov.ida.hub.policy.domain.ResponseAction) Test(org.junit.Test)

Example 4 with LevelOfAssurance

use of uk.gov.ida.hub.policy.domain.LevelOfAssurance in project verify-hub by alphagov.

the class AuthnRequestFromTransactionHandler method handleRequestFromTransaction.

public SessionId handleRequestFromTransaction(SamlResponseWithAuthnRequestInformationDto samlResponse, Optional<String> relayState, String ipAddress, URI assertionConsumerServiceUri, boolean transactionSupportsEidas) {
    Duration sessionLength = policyConfiguration.getSessionLength();
    DateTime sessionExpiryTimestamp = DateTime.now().plus(sessionLength);
    SessionId sessionId = SessionId.createNewSessionId();
    SessionStartedState sessionStartedState = new SessionStartedState(
            samlResponse.getId(), relayState.orNull(), samlResponse.getIssuer(), assertionConsumerServiceUri,
            samlResponse.getForceAuthentication().orNull(), sessionExpiryTimestamp, sessionId, transactionSupportsEidas);
    final List<LevelOfAssurance> transactionLevelsOfAssurance = transactionsConfigProxy.getLevelsOfAssurance(samlResponse.getIssuer());
    // The session-started event records the first and last configured levels; get(0) throws on an empty list.
    hubEventLogger.logSessionStartedEvent(samlResponse, ipAddress, sessionExpiryTimestamp, sessionId,
            transactionLevelsOfAssurance.get(0),
            transactionLevelsOfAssurance.get(transactionLevelsOfAssurance.size() - 1));
    return sessionRepository.createSession(sessionStartedState);
}
Also used : LevelOfAssurance(uk.gov.ida.hub.policy.domain.LevelOfAssurance) Duration(org.joda.time.Duration) SessionId(uk.gov.ida.hub.policy.domain.SessionId) DateTime(org.joda.time.DateTime) SessionStartedState(uk.gov.ida.hub.policy.domain.state.SessionStartedState)

Example 5 with LevelOfAssurance

use of uk.gov.ida.hub.policy.domain.LevelOfAssurance in project verify-hub by alphagov.

the class IdpSelector method buildIdpSelectedState.

public static IdpSelectedState buildIdpSelectedState(IdpSelectingState state, String idpEntityId, boolean registering, LevelOfAssurance requestedLoa, TransactionsConfigProxy transactionsConfigProxy, IdentityProvidersConfigProxy identityProvidersConfigProxy) {
    List<LevelOfAssurance> levelsOfAssuranceForTransaction = transactionsConfigProxy.getLevelsOfAssurance(state.getRequestIssuerEntityId());
    // Reject a requested level of assurance that is not in the list configured for the requesting transaction.
    if (!levelsOfAssuranceForTransaction.contains(requestedLoa)) {
        throw StateProcessingValidationException.requestedLevelOfAssuranceUnsupportedByTransactionEntity(
                state.getRequestIssuerEntityId(), levelsOfAssuranceForTransaction, requestedLoa);
    }
    List<String> availableIdentityProviderEntityIdsForLoa = identityProvidersConfigProxy.getEnabledIdentityProviders(
            state.getRequestIssuerEntityId(), registering, requestedLoa);
    checkValidIdentityProvider(idpEntityId, availableIdentityProviderEntityIdsForLoa, state);
    IdpConfigDto idpConfig = identityProvidersConfigProxy.getIdpConfig(idpEntityId);
    final List<LevelOfAssurance> idpLevelsOfAssurance = idpConfig.getSupportedLevelsOfAssurance();
    // Keep only the transaction's levels that the selected IdP also supports.
    List<LevelOfAssurance> levelsOfAssuranceForTransactionSupportedByIdp = levelsOfAssuranceForTransaction.stream()
            .filter(idpLevelsOfAssurance::contains)
            .collect(Collectors.toList());
    String matchingServiceEntityId = transactionsConfigProxy.getMatchingServiceEntityId(state.getRequestIssuerEntityId());
    return new IdpSelectedState(
            state.getRequestId(), idpEntityId, matchingServiceEntityId, levelsOfAssuranceForTransactionSupportedByIdp,
            idpConfig.getUseExactComparisonType(), state.getForceAuthentication().orNull(),
            state.getAssertionConsumerServiceUri(), state.getRequestIssuerEntityId(), state.getRelayState().orNull(),
            state.getSessionExpiryTimestamp(), registering, requestedLoa, state.getSessionId(),
            availableIdentityProviderEntityIdsForLoa, state.getTransactionSupportsEidas());
}
Also used : LevelOfAssurance(uk.gov.ida.hub.policy.domain.LevelOfAssurance) IdpConfigDto(uk.gov.ida.hub.policy.domain.IdpConfigDto) IdpSelectedState(uk.gov.ida.hub.policy.domain.state.IdpSelectedState)

Aggregations

LevelOfAssurance (uk.gov.ida.hub.policy.domain.LevelOfAssurance) 9
Test (org.junit.Test) 6
ResponseAction (uk.gov.ida.hub.policy.domain.ResponseAction) 3
SessionId (uk.gov.ida.hub.policy.domain.SessionId) 3
Response (javax.ws.rs.core.Response) 2
AttributeQueryRequestDto (uk.gov.ida.hub.policy.contracts.AttributeQueryRequestDto) 2
SamlAuthnResponseTranslatorDto (uk.gov.ida.hub.policy.contracts.SamlAuthnResponseTranslatorDto) 2
SuccessFromIdp (uk.gov.ida.hub.policy.domain.SuccessFromIdp) 2
URI (java.net.URI) 1
DateTime (org.joda.time.DateTime) 1
Duration (org.joda.time.Duration) 1
AttributeQueryContainerDto (uk.gov.ida.hub.policy.contracts.AttributeQueryContainerDto) 1
IdpConfigDto (uk.gov.ida.hub.policy.domain.IdpConfigDto) 1
InboundResponseFromIdpDto (uk.gov.ida.hub.policy.domain.InboundResponseFromIdpDto) 1
PersistentId (uk.gov.ida.hub.policy.domain.PersistentId) 1
SessionId.createNewSessionId (uk.gov.ida.hub.policy.domain.SessionId.createNewSessionId) 1
StateProcessingValidationException (uk.gov.ida.hub.policy.domain.exception.StateProcessingValidationException) 1
Cycle0And1MatchRequestSentState (uk.gov.ida.hub.policy.domain.state.Cycle0And1MatchRequestSentState) 1
IdpSelectedState (uk.gov.ida.hub.policy.domain.state.IdpSelectedState) 1
SessionStartedState (uk.gov.ida.hub.policy.domain.state.SessionStartedState) 1