use of uk.gov.ida.hub.samlengine.contracts.SamlAuthnResponseTranslatorDto in project verify-hub by alphagov.
the class IdpAuthnResponseTranslatorResourceTest method shouldPreserveStatusMessageForRequesterError.
/**
 * Checks that a status message sent by the IDP together with a Requester status code
 * survives translation unchanged.
 *
 * <p>The posted document is a failed-authn response from {@code STUB_IDP_ONE} whose status
 * carries {@code StatusCode.REQUESTER} and a message. The endpoint reached through
 * {@code postToSamlEngine} is expected to answer 200 OK and to return a DTO that reports
 * {@code RequesterError} and the same message text.
 *
 * @throws Exception as declared; anything thrown while building or posting the response
 */
@Test
public void shouldPreserveStatusMessageForRequesterError() throws Exception {
    final String expectedMessage = "status-message";

    // Failed-authn response with an explicit Requester status code and status message.
    final org.opensaml.saml.saml2.core.Response idpResponse = authnResponseFactory
            .anAuthnFailedResponseFromIdpBuilder(STUB_IDP_ONE)
            .withDestination(IDP_RESPONSE_ENDPOINT)
            .withStatus(StatusBuilder.aStatus()
                    .withMessage(StatusMessageBuilder.aStatusMessage()
                            .withMessage(expectedMessage)
                            .build())
                    .withStatusCode(StatusCodeBuilder.aStatusCode()
                            .withValue(StatusCode.REQUESTER)
                            .build())
                    .build())
            .build();
    final String serialisedResponse = authnResponseFactory.transformResponseToSaml(idpResponse);

    final SamlAuthnResponseTranslatorDto requestDto = aSamlAuthnResponseTranslatorDto()
            .withSamlResponse(serialisedResponse)
            .withMatchingServiceEntityId(TEST_RP_MS)
            .build();

    final Response httpResponse = postToSamlEngine(requestDto);

    // A Requester error is a valid IDP outcome, so the HTTP exchange itself succeeds.
    assertThat(httpResponse.getStatus()).isEqualTo(Response.Status.OK.getStatusCode());

    final InboundResponseFromIdpDto translated = httpResponse.readEntity(InboundResponseFromIdpDto.class);
    assertThat(translated.getStatus()).isEqualTo(IdpIdaStatus.Status.RequesterError);
    // get() fails the test if no message was carried through at all.
    assertThat(translated.getStatusMessage().get()).isEqualTo(expectedMessage);
}
use of uk.gov.ida.hub.samlengine.contracts.SamlAuthnResponseTranslatorDto in project verify-hub by alphagov.
the class IdpAuthnResponseTranslatorResourceTest method shouldTranslateARequesterErrorResponseFromIdp.
/**
 * Checks that a failed-authn response carrying {@code REQUESTER_ERROR_STATUS} is translated
 * into a {@code RequesterError} DTO that names the original issuer.
 *
 * <p>The remaining DTO fields are verified by {@code checkFieldsForUnsuccessfulResponseDTO}.
 *
 * @throws Exception as declared; anything thrown while building or posting the response
 */
@Test
public void shouldTranslateARequesterErrorResponseFromIdp() throws Exception {
    final org.opensaml.saml.saml2.core.Response idpResponse = authnResponseFactory
            .anAuthnFailedResponseFromIdpBuilder(STUB_IDP_ONE)
            .withDestination(IDP_RESPONSE_ENDPOINT)
            .withStatus(REQUESTER_ERROR_STATUS)
            .build();
    final String serialisedResponse = authnResponseFactory.transformResponseToSaml(idpResponse);

    final SamlAuthnResponseTranslatorDto requestDto = aSamlAuthnResponseTranslatorDto()
            .withSamlResponse(serialisedResponse)
            .withMatchingServiceEntityId("IGNOREME")
            .build();

    final Response httpResponse = postToSamlEngine(requestDto);
    assertThat(httpResponse.getStatus()).isEqualTo(Response.Status.OK.getStatusCode());

    final InboundResponseFromIdpDto translated = httpResponse.readEntity(InboundResponseFromIdpDto.class);
    assertThat(translated.getStatus()).isEqualTo(IdpIdaStatus.Status.RequesterError);

    // The issuer reported to the caller must be the one present in the SAML response.
    final String expectedIssuer = idpResponse.getIssuer().getValue();
    assertThat(translated.getIssuer()).isEqualTo(expectedIssuer);

    checkFieldsForUnsuccessfulResponseDTO(translated);
}
use of uk.gov.ida.hub.samlengine.contracts.SamlAuthnResponseTranslatorDto in project verify-hub by alphagov.
the class IdpAuthnResponseTranslatorResourceTest method shouldRejectResponseWhenContainsInvalidStatusCodeCombination.
/**
 * Checks that a response whose status is built from {@code StatusCode.REQUESTER} combined
 * with {@code StatusCode.AUTHN_FAILED} is refused rather than translated.
 *
 * <p>The expected outcome is HTTP 400 with an {@code ErrorStatusDto} whose exception type is
 * {@code INVALID_SAML}.
 *
 * @throws Exception as declared; anything thrown while building or posting the response
 */
@Test
public void shouldRejectResponseWhenContainsInvalidStatusCodeCombination() throws Exception {
    // The status-code pairing is the only deliberately invalid part of this response.
    final org.opensaml.saml.saml2.core.Response idpResponse = authnResponseFactory
            .aResponseFromIdpBuilder(STUB_IDP_ONE)
            .withDestination(IDP_RESPONSE_ENDPOINT)
            .withStatus(buildStatus(StatusCode.REQUESTER, StatusCode.AUTHN_FAILED))
            .build();
    final String serialisedResponse = authnResponseFactory.transformResponseToSaml(idpResponse);

    final SamlAuthnResponseTranslatorDto requestDto = aSamlAuthnResponseTranslatorDto()
            .withSamlResponse(serialisedResponse)
            .withMatchingServiceEntityId("IGNOREME")
            .build();

    final Response httpResponse = postToSamlEngine(requestDto);

    // Rejection is signalled at the HTTP level, not as a translated IDP status.
    assertThat(httpResponse.getStatus()).isEqualTo(Response.Status.BAD_REQUEST.getStatusCode());

    final ErrorStatusDto error = httpResponse.readEntity(ErrorStatusDto.class);
    assertThat(error.getExceptionType()).isEqualTo(ExceptionType.INVALID_SAML);
}
use of uk.gov.ida.hub.samlengine.contracts.SamlAuthnResponseTranslatorDto in project verify-hub by alphagov.
the class IdpAuthnResponseTranslatorResourceTest method handleResponseFromIdp_shouldThrowExceptionIfAuthnStatementAssertionIsReplayedInResponseFromIdp.
/**
 * Checks replay protection for the authn statement assertion: a second response that reuses
 * an assertion ID which was already accepted must be rejected.
 *
 * <p>Both requests share the same authn statement assertion ID and differ only in the MDS
 * assertion ID suffix ({@code -1} / {@code -2}). The first post is expected to succeed with
 * 200 OK; the second is expected to fail with 400 and exception type {@code INVALID_SAML}.
 *
 * @throws Exception as declared; anything thrown while building or posting the responses
 */
@Test
public void handleResponseFromIdp_shouldThrowExceptionIfAuthnStatementAssertionIsReplayedInResponseFromIdp() throws Exception {
    // Random suffixes keep the IDs unique per run, so an earlier run cannot cause the rejection.
    final String sharedAuthnAssertionId = "authnStatementAssertionId" + UUID.randomUUID();
    final String mdsAssertionIdBase = "mdsStatementAssertionId" + UUID.randomUUID();

    final SamlAuthnResponseTranslatorDto firstDto =
            getSuccessSamlAuthnResponseTranslatorDto(STUB_IDP_ONE, sharedAuthnAssertionId, mdsAssertionIdBase + "-1");
    final SamlAuthnResponseTranslatorDto replayedDto =
            getSuccessSamlAuthnResponseTranslatorDto(STUB_IDP_ONE, sharedAuthnAssertionId, mdsAssertionIdBase + "-2");

    // First use of the assertion ID is accepted; this is the baseline for the replay check.
    final Response firstResponse = postToSamlEngine(firstDto);
    assertThat(firstResponse.getStatus()).isEqualTo(Response.Status.OK.getStatusCode());

    // Second use of the same authn statement assertion ID must be refused.
    final Response replayResponse = postToSamlEngine(replayedDto);
    assertThat(replayResponse.getStatus()).isEqualTo(Response.Status.BAD_REQUEST.getStatusCode());

    // NOTE(review): INVALID_SAML looks like a general validation failure type, so this check
    // alone does not pin the rejection to the duplicate-ID rule; the preceding 200 for an
    // otherwise equivalent response is what supports that reading.
    final ErrorStatusDto error = replayResponse.readEntity(ErrorStatusDto.class);
    assertThat(error.getExceptionType()).isEqualTo(ExceptionType.INVALID_SAML);
}
use of uk.gov.ida.hub.samlengine.contracts.SamlAuthnResponseTranslatorDto in project verify-hub by alphagov.
the class IdpAuthnResponseTranslatorResourceWithRedisTest method handleResponseFromIdp_shouldThrowExceptionIfmdsAssertionIsReplayedInResponseFromIdp.
/**
 * Checks replay protection for the MDS assertion: a second response that reuses an MDS
 * assertion ID which was already accepted must be rejected.
 *
 * <p>Both requests share the same MDS assertion ID and differ only in the authn statement
 * assertion ID suffix ({@code -1} / {@code -2}). The first post is expected to succeed with
 * 200 OK; the second is expected to fail with 400 and exception type {@code INVALID_SAML}.
 *
 * @throws Exception as declared; anything thrown while building or posting the responses
 */
@Test
public void handleResponseFromIdp_shouldThrowExceptionIfmdsAssertionIsReplayedInResponseFromIdp() throws Exception {
    // Random suffixes keep the IDs unique per run, so an earlier run cannot cause the rejection.
    final String authnAssertionIdBase = "authnStatementAssertionId" + UUID.randomUUID();
    final String sharedMdsAssertionId = "mdsStatementAssertionId" + UUID.randomUUID();

    final SamlAuthnResponseTranslatorDto firstDto =
            getSuccessSamlAuthnResponseTranslatorDto(STUB_IDP_ONE, authnAssertionIdBase + "-1", sharedMdsAssertionId);
    final SamlAuthnResponseTranslatorDto replayedDto =
            getSuccessSamlAuthnResponseTranslatorDto(STUB_IDP_ONE, authnAssertionIdBase + "-2", sharedMdsAssertionId);

    // First use of the MDS assertion ID is accepted; this is the baseline for the replay check.
    final Response firstResponse = postToSamlEngine(firstDto);
    assertThat(firstResponse.getStatus()).isEqualTo(Response.Status.OK.getStatusCode());

    // Second use of the same MDS assertion ID must be refused, even with a fresh authn ID.
    final Response replayResponse = postToSamlEngine(replayedDto);
    assertThat(replayResponse.getStatus()).isEqualTo(Response.Status.BAD_REQUEST.getStatusCode());

    // NOTE(review): INVALID_SAML looks like a general validation failure type, so this check
    // alone does not pin the rejection to the duplicate-ID rule; the preceding 200 for an
    // otherwise equivalent response is what supports that reading.
    final ErrorStatusDto error = replayResponse.readEntity(ErrorStatusDto.class);
    assertThat(error.getExceptionType()).isEqualTo(ExceptionType.INVALID_SAML);
}