use of uk.gov.ida.hub.policy.domain.LevelOfAssurance in project verify-hub by alphagov.
the class AuthnResponseFromIdpService method handleSuccessResponse.
/**
 * Processes an IDP response that has been classified as a success: wraps its contents in a
 * {@link SuccessFromIdp}, asks the state controller for an attribute query, lets the controller
 * process the success, sends the attribute query, and returns a success {@link ResponseAction}.
 *
 * @param inboundResponseFromIdpDto translated IDP response; its optional fields are unwrapped here
 * @param sessionId session the response belongs to
 * @param principalIPAddressAsSeenByHub client IP address as observed by the hub
 * @param idpSelectedStateController controller for the session's current state
 * @return success action carrying the session id, the registration flag and the achieved LoA
 */
private ResponseAction handleSuccessResponse(
        InboundResponseFromIdpDto inboundResponseFromIdpDto,
        SessionId sessionId,
        String principalIPAddressAsSeenByHub,
        IdpSelectedStateController idpSelectedStateController) {
    // The achieved level of assurance is taken from the IDP response as-is.
    // NOTE(review): this method does not compare it with the levels the session may accept;
    // presumably handleSuccessResponseFromIdp enforces that. Confirm against the controller.
    LevelOfAssurance achievedLoa = inboundResponseFromIdpDto.getLevelOfAssurance().get();

    // Each get() below is called without a presence check, so this path relies on the caller
    // having established that a success response carries all of these fields.
    SuccessFromIdp idpSuccess = new SuccessFromIdp(
            inboundResponseFromIdpDto.getIssuer(),
            inboundResponseFromIdpDto.getEncryptedMatchingDatasetAssertion().get(),
            inboundResponseFromIdpDto.getAuthnStatementAssertionBlob().get(),
            new PersistentId(inboundResponseFromIdpDto.getPersistentId().get()),
            achievedLoa,
            principalIPAddressAsSeenByHub,
            inboundResponseFromIdpDto.getPrincipalIpAddressAsSeenByIdp());

    // The attribute query is built before the controller processes the success response.
    // NOTE(review): if the controller's handling is where the response is validated, the query is
    // created from not-yet-validated data. It is only sent after that call returns.
    AttributeQueryRequestDto attributeQueryRequest = idpSelectedStateController.createAttributeQuery(idpSuccess);
    idpSelectedStateController.handleSuccessResponseFromIdp(idpSuccess);
    attributeQueryService.sendAttributeQueryRequest(sessionId, attributeQueryRequest);

    return success(sessionId, idpSelectedStateController.isRegistrationContext(), achievedLoa);
}
use of uk.gov.ida.hub.policy.domain.LevelOfAssurance in project verify-hub by alphagov.
the class SessionServiceTest method shouldGetLevelOfAssurance.
/**
 * Checks that the service hands back the level of assurance the session repository reports for a
 * session that exists.
 */
@Test
public void shouldGetLevelOfAssurance() throws Exception {
    SessionId sessionId = createNewSessionId();
    Optional<LevelOfAssurance> storedLoa = Optional.of(LevelOfAssurance.LEVEL_1);

    // Repository stubs: the session is known and has LEVEL_1 recorded from the IDP.
    when(sessionRepository.sessionExists(sessionId)).thenReturn(true);
    when(sessionRepository.getLevelOfAssuranceFromIdp(sessionId)).thenReturn(storedLoa);

    // Only the existing-session, LoA-present path is covered by this test.
    assertThat(service.getLevelOfAssurance(sessionId)).isEqualTo(storedLoa);
}
use of uk.gov.ida.hub.policy.domain.LevelOfAssurance in project verify-hub by alphagov.
the class SessionResourceAuthnResponseFromIdpIntegrationTests method responsePost_shouldHandAuthnSuccessResponse.
/**
 * Posts an IDP response that the stubbed SAML engine translates as a LEVEL_2 success and checks
 * both the returned {@link ResponseAction} and the matching service entity id that was sent to
 * the SAML engine for translation.
 */
@Test
public void responsePost_shouldHandAuthnSuccessResponse() throws Exception {
    LevelOfAssurance achievedLoa = LevelOfAssurance.LEVEL_2;

    // Stub the downstream services involved in handling a success response.
    samlEngineStub.setupStubForIdpAuthnResponseTranslate(
            InboundResponseFromIdpDtoBuilder.successResponse(idpEntityId, achievedLoa));
    samlEngineStub.setupStubForAttributeQueryRequest(
            AttributeQueryContainerDtoBuilder.anAttributeQueryContainerDto().build());
    samlSoapProxyStub.setUpStubForSendHubMatchingServiceRequest(sessionId);

    Response httpResponse = postIdpResponse(sessionId, samlResponseDto);

    // The returned action must carry the same LoA the IDP response reported.
    ResponseAction expectedAction = ResponseAction.success(sessionId, true, achievedLoa);
    ResponseAction actualAction = httpResponse.readEntity(ResponseAction.class);
    assertThat(actualAction).isEqualToComparingFieldByField(expectedAction);

    // The translation request sent to the SAML engine must name the expected matching service.
    SamlAuthnResponseTranslatorDto translatorRequest =
            samlEngineStub.getSamlAuthnResponseTranslatorDto(policy.getObjectMapper());
    assertThat(translatorRequest.getMatchingServiceEntityId()).isEqualTo(matchingServiceEntityId);
}
use of uk.gov.ida.hub.policy.domain.LevelOfAssurance in project verify-hub by alphagov.
the class AuthnRequestFromTransactionHandler method handleRequestFromTransaction.
/**
 * Starts a new session for an authentication request from a transaction: computes the expiry
 * from the configured session length, builds the initial {@link SessionStartedState}, logs a
 * session-started event and stores the session.
 *
 * @param samlResponse translated authn request information (id, issuer, force-authentication flag)
 * @param relayState optional relay state; stored as {@code null} when absent
 * @param ipAddress client IP address, passed to the event logger
 * @param assertionConsumerServiceUri assertion consumer service URI stored in the session state
 * @param transactionSupportsEidas whether the transaction supports eIDAS
 * @return the value returned by the session repository when the session is created
 */
public SessionId handleRequestFromTransaction(
        SamlResponseWithAuthnRequestInformationDto samlResponse,
        Optional<String> relayState,
        String ipAddress,
        URI assertionConsumerServiceUri,
        boolean transactionSupportsEidas) {
    Duration configuredSessionLength = policyConfiguration.getSessionLength();
    DateTime expiresAt = DateTime.now().plus(configuredSessionLength);
    SessionId newSessionId = SessionId.createNewSessionId();
    SessionStartedState initialState = new SessionStartedState(
            samlResponse.getId(),
            relayState.orNull(),
            samlResponse.getIssuer(),
            assertionConsumerServiceUri,
            samlResponse.getForceAuthentication().orNull(),
            expiresAt,
            newSessionId,
            transactionSupportsEidas);

    // The first and last configured levels are picked by position. An empty list makes get(0)
    // throw IndexOutOfBoundsException before anything is logged or stored.
    // NOTE(review): reading these as lowest/highest LoA assumes the config list is ordered. Confirm.
    List<LevelOfAssurance> configuredLoas = transactionsConfigProxy.getLevelsOfAssurance(samlResponse.getIssuer());
    LevelOfAssurance firstConfiguredLoa = configuredLoas.get(0);
    LevelOfAssurance lastConfiguredLoa = configuredLoas.get(configuredLoas.size() - 1);

    // The event is logged before the session is persisted, so a failure in createSession leaves a
    // session-started event in the log with no stored session behind it.
    hubEventLogger.logSessionStartedEvent(samlResponse, ipAddress, expiresAt, newSessionId, firstConfiguredLoa, lastConfiguredLoa);
    return sessionRepository.createSession(initialState);
}
use of uk.gov.ida.hub.policy.domain.LevelOfAssurance in project verify-hub by alphagov.
the class IdpSelector method buildIdpSelectedState.
/**
 * Builds the {@link IdpSelectedState} for a chosen IDP after checking the selection against
 * configuration: the requested LoA must be one the transaction is configured for, and the IDP is
 * checked against the providers enabled for that transaction, journey type and LoA.
 *
 * @param state current IDP-selecting state of the session
 * @param idpEntityId entity id of the selected IDP
 * @param registering whether this is a registration journey
 * @param requestedLoa level of assurance requested for this selection
 * @param transactionsConfigProxy source of the transaction's LoAs and matching service entity id
 * @param identityProvidersConfigProxy source of the enabled IDPs and the IDP's configuration
 * @return the new state, holding the transaction LoAs that the IDP also supports
 * @throws StateProcessingValidationException if the transaction does not list {@code requestedLoa}
 */
public static IdpSelectedState buildIdpSelectedState(
        IdpSelectingState state,
        String idpEntityId,
        boolean registering,
        LevelOfAssurance requestedLoa,
        TransactionsConfigProxy transactionsConfigProxy,
        IdentityProvidersConfigProxy identityProvidersConfigProxy) {
    // Reject a requested LoA that the relying transaction is not configured for.
    List<LevelOfAssurance> transactionLoas = transactionsConfigProxy.getLevelsOfAssurance(state.getRequestIssuerEntityId());
    if (!transactionLoas.contains(requestedLoa)) {
        throw StateProcessingValidationException.requestedLevelOfAssuranceUnsupportedByTransactionEntity(
                state.getRequestIssuerEntityId(), transactionLoas, requestedLoa);
    }

    // The chosen IDP is checked against the providers enabled for this transaction and LoA.
    List<String> enabledIdpEntityIds = identityProvidersConfigProxy.getEnabledIdentityProviders(
            state.getRequestIssuerEntityId(), registering, requestedLoa);
    checkValidIdentityProvider(idpEntityId, enabledIdpEntityIds, state);

    // Keep only the transaction's LoAs that the IDP supports, in the transaction's order.
    // NOTE(review): nothing here checks that this intersection is non-empty or still contains
    // requestedLoa. Presumably the enabled-IDP lookup guarantees it; confirm.
    IdpConfigDto selectedIdpConfig = identityProvidersConfigProxy.getIdpConfig(idpEntityId);
    List<LevelOfAssurance> idpLoas = selectedIdpConfig.getSupportedLevelsOfAssurance();
    List<LevelOfAssurance> loasSupportedByBoth = transactionLoas.stream()
            .filter(idpLoas::contains)
            .collect(Collectors.toList());

    String matchingServiceEntityId = transactionsConfigProxy.getMatchingServiceEntityId(state.getRequestIssuerEntityId());

    return new IdpSelectedState(
            state.getRequestId(),
            idpEntityId,
            matchingServiceEntityId,
            loasSupportedByBoth,
            selectedIdpConfig.getUseExactComparisonType(),
            state.getForceAuthentication().orNull(),
            state.getAssertionConsumerServiceUri(),
            state.getRequestIssuerEntityId(),
            state.getRelayState().orNull(),
            state.getSessionExpiryTimestamp(),
            registering,
            requestedLoa,
            state.getSessionId(),
            enabledIdpEntityIds,
            state.getTransactionSupportsEidas());
}