Example 1 with InboundResponseFromCountry
use of uk.gov.ida.hub.samlengine.domain.InboundResponseFromCountry in project verify-hub by alphagov.
the class CountryAuthnResponseTranslatorService method toModel.
private InboundResponseFromCountry toModel(ValidatedResponse response, Optional<Assertion> validatedIdentityAssertionOptional, String matchingServiceEntityId) {
Optional<PassthroughAssertion> passthroughAssertion = validatedIdentityAssertionOptional.map(validatedIdentityAssertion -> passthroughAssertionUnmarshaller.fromAssertion(validatedIdentityAssertion, true));
Optional<LevelOfAssurance> levelOfAssurance = passthroughAssertion.flatMap(assertion -> assertion.getAuthnContext()).map(AuthnContext::name).filter(string -> !isNullOrEmpty(string)).map(LevelOfAssurance::valueOf);
IdpIdaStatus status = statusUnmarshaller.fromSaml(response.getStatus());
return new InboundResponseFromCountry(response.getIssuer().getValue(), validatedIdentityAssertionOptional.map(Assertion::getSubject).map(Subject::getNameID).map(NameID::getValue), Optional.ofNullable(status).map(IdpIdaStatus::getStatusCode).map(IdpIdaStatus.Status::name), status.getMessage(), passthroughAssertion.map(assertion -> assertionBlobEncrypter.encryptAssertionBlob(matchingServiceEntityId, assertion.getUnderlyingAssertionBlob())), levelOfAssurance);
}
Also used :
LevelOfAssurance(uk.gov.ida.hub.samlengine.domain.LevelOfAssurance)
StringToOpenSamlObjectTransformer(uk.gov.ida.saml.deserializers.StringToOpenSamlObjectTransformer)
Strings.isNullOrEmpty(com.google.common.base.Strings.isNullOrEmpty)
Subject(org.opensaml.saml.saml2.core.Subject)
IdpIdaStatusUnmarshaller(uk.gov.ida.saml.hub.transformers.inbound.IdpIdaStatusUnmarshaller)
ValidatedResponse(uk.gov.ida.saml.security.validators.ValidatedResponse)
MdcHelper(uk.gov.ida.hub.samlengine.logging.MdcHelper)
ResponseFromCountryValidator(uk.gov.ida.hub.samlengine.validation.country.ResponseFromCountryValidator)
SamlResponseSignatureValidator(uk.gov.ida.saml.security.validators.signature.SamlResponseSignatureValidator)
Inject(javax.inject.Inject)
Assertion(org.opensaml.saml.saml2.core.Assertion)
AssertionBlobEncrypter(uk.gov.ida.saml.core.transformers.outbound.decorators.AssertionBlobEncrypter)
IDPSSODescriptor(org.opensaml.saml.saml2.metadata.IDPSSODescriptor)
AuthnContext(uk.gov.ida.saml.core.domain.AuthnContext)
ResponseAssertionsFromCountryValidator(uk.gov.ida.hub.samlengine.validation.country.ResponseAssertionsFromCountryValidator)
Response(org.opensaml.saml.saml2.core.Response)
PassthroughAssertionUnmarshaller(uk.gov.ida.saml.hub.transformers.inbound.PassthroughAssertionUnmarshaller)
AssertionDecrypter(uk.gov.ida.saml.security.AssertionDecrypter)
SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.samlengine.contracts.SamlAuthnResponseTranslatorDto)
InboundResponseFromCountry(uk.gov.ida.hub.samlengine.domain.InboundResponseFromCountry)
List(java.util.List)
PassthroughAssertion(uk.gov.ida.saml.core.domain.PassthroughAssertion)
LevelOfAssurance(uk.gov.ida.hub.samlengine.domain.LevelOfAssurance)
DestinationValidator(uk.gov.ida.saml.core.validators.DestinationValidator)
Optional(java.util.Optional)
IdpIdaStatus(uk.gov.ida.saml.hub.domain.IdpIdaStatus)
NameID(org.opensaml.saml.saml2.core.NameID)
SamlAssertionsSignatureValidator(uk.gov.ida.saml.security.SamlAssertionsSignatureValidator)
InboundResponseFromCountry(uk.gov.ida.hub.samlengine.domain.InboundResponseFromCountry)
PassthroughAssertion(uk.gov.ida.saml.core.domain.PassthroughAssertion)
IdpIdaStatus(uk.gov.ida.saml.hub.domain.IdpIdaStatus)
Subject(org.opensaml.saml.saml2.core.Subject)
AuthnContext(uk.gov.ida.saml.core.domain.AuthnContext)
Example 2 with InboundResponseFromCountry
use of uk.gov.ida.hub.samlengine.domain.InboundResponseFromCountry in project verify-hub by alphagov.
the class CountryAuthnResponseTranslatorResourceTest method shouldReturnSuccessResponse.
@Test
public void shouldReturnSuccessResponse() throws Exception {
SamlAuthnResponseTranslatorDto dto = createAuthnResponseSignedByKeyPair(TestCertificateStrings.STUB_IDP_PUBLIC_PRIMARY_CERT, TestCertificateStrings.STUB_IDP_PUBLIC_PRIMARY_PRIVATE_KEY);
org.opensaml.saml.saml2.core.Response originalAuthnResponse = new HubTransformersFactory().getStringToResponseTransformer().apply(dto.getSamlResponse());
Response response = postAuthnResponseToSamlEngine(dto);
assertThat(response.getStatus()).isEqualTo(Response.Status.OK.getStatusCode());
InboundResponseFromCountry inboundResponseFromCountry = response.readEntity(InboundResponseFromCountry.class);
assertThat(inboundResponseFromCountry.getStatus()).isEqualTo(Optional.of("Success"));
assertThat(inboundResponseFromCountry.getIssuer()).isEqualTo(samlEngineAppRule.getCountryMetadataUri());
assertThatDecryptedAssertionsAreTheSame(inboundResponseFromCountry, originalAuthnResponse);
}
Also used :
Response(javax.ws.rs.core.Response)
HubTransformersFactory(uk.gov.ida.saml.hub.api.HubTransformersFactory)
InboundResponseFromCountry(uk.gov.ida.hub.samlengine.domain.InboundResponseFromCountry)
SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.samlengine.contracts.SamlAuthnResponseTranslatorDto)
Test(org.junit.Test)
Example 3 with InboundResponseFromCountry
use of uk.gov.ida.hub.samlengine.domain.InboundResponseFromCountry in project verify-hub by alphagov.
the class CountryAuthnResponseTranslatorServiceTest method shouldExtractAuthnStatementAssertionDetails.
@Test
public void shouldExtractAuthnStatementAssertionDetails() {
InboundResponseFromCountry result = service.translate(samlAuthnResponseTranslatorDto);
assertThat(result.getIssuer()).isEqualTo(responseIssuer);
assertThat(result.getStatus().isPresent()).isTrue();
assertThat(result.getStatus().get()).isEqualTo("Success");
assertThat(result.getStatusMessage().isPresent()).isFalse();
assertThat(result.getLevelOfAssurance().isPresent()).isTrue();
assertThat(result.getLevelOfAssurance().get()).isEqualTo(LEVEL_3);
assertThat(result.getPersistentId().isPresent()).isTrue();
assertThat(result.getPersistentId().get()).isEqualTo(persistentIdName);
assertThat(result.getEncryptedIdentityAssertionBlob().isPresent()).isTrue();
assertThat(result.getEncryptedIdentityAssertionBlob().get()).isEqualTo(identityUnderlyingAssertionBlob);
}
Also used :
InboundResponseFromCountry(uk.gov.ida.hub.samlengine.domain.InboundResponseFromCountry)
Test(org.junit.Test)
Aggregations
InboundResponseFromCountry (uk.gov.ida.hub.samlengine.domain.InboundResponseFromCountry)3
Test (org.junit.Test)2
SamlAuthnResponseTranslatorDto (uk.gov.ida.hub.samlengine.contracts.SamlAuthnResponseTranslatorDto)2
Strings.isNullOrEmpty (com.google.common.base.Strings.isNullOrEmpty)1
List (java.util.List)1
Optional (java.util.Optional)1
Inject (javax.inject.Inject)1
Response (javax.ws.rs.core.Response)1
Assertion (org.opensaml.saml.saml2.core.Assertion)1
NameID (org.opensaml.saml.saml2.core.NameID)1
Response (org.opensaml.saml.saml2.core.Response)1
Subject (org.opensaml.saml.saml2.core.Subject)1
IDPSSODescriptor (org.opensaml.saml.saml2.metadata.IDPSSODescriptor)1
LevelOfAssurance (uk.gov.ida.hub.samlengine.domain.LevelOfAssurance)1
MdcHelper (uk.gov.ida.hub.samlengine.logging.MdcHelper)1
ResponseAssertionsFromCountryValidator (uk.gov.ida.hub.samlengine.validation.country.ResponseAssertionsFromCountryValidator)1
ResponseFromCountryValidator (uk.gov.ida.hub.samlengine.validation.country.ResponseFromCountryValidator)1
AuthnContext (uk.gov.ida.saml.core.domain.AuthnContext)1
PassthroughAssertion (uk.gov.ida.saml.core.domain.PassthroughAssertion)1
AssertionBlobEncrypter (uk.gov.ida.saml.core.transformers.outbound.decorators.AssertionBlobEncrypter)1
