Example 6 with InboundResponseFromIdpDto
use of uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto in project verify-hub by alphagov.
the class IdpAuthnResponseTranslatorService method translate.
public InboundResponseFromIdpDto translate(SamlAuthnResponseTranslatorDto samlResponseDto) {
Response response = stringToOpenSamlResponseTransformer.apply(samlResponseDto.getSamlResponse());
MdcHelper.addContextToMdc(response);
try {
InboundResponseFromIdp idaResponseFromIdp = samlResponseToIdaResponseIssuedByIdpTransformer.apply(response);
UnknownMethodAlgorithmLogger.probeResponseForMethodAlgorithm(idaResponseFromIdp);
if (idaResponseFromIdp.getAuthnStatementAssertion().isPresent()) {
Assertion authnStatementAssertion = stringToAssertionTransformer.apply(idaResponseFromIdp.getAuthnStatementAssertion().get().getUnderlyingAssertionBlob());
logAnalytics(authnStatementAssertion, AUTHN_STATEMENT);
}
Assertion matchingDatasetAssertion = null;
if (idaResponseFromIdp.getMatchingDatasetAssertion().isPresent()) {
matchingDatasetAssertion = stringToAssertionTransformer.apply(idaResponseFromIdp.getMatchingDatasetAssertion().get().getUnderlyingAssertionBlob());
logAnalytics(matchingDatasetAssertion, MATCHING_DATASET);
}
InboundResponseFromIdpData inboundResponseFromIdpData = inboundResponseFromIdpDataGenerator.generate(idaResponseFromIdp, samlResponseDto.getMatchingServiceEntityId());
Optional<LevelOfAssurance> levelOfAssurance = Optional.empty();
if (!Strings.isNullOrEmpty(inboundResponseFromIdpData.getLevelOfAssurance())) {
levelOfAssurance = Optional.of(LevelOfAssurance.valueOf(inboundResponseFromIdpData.getLevelOfAssurance()));
}
logVerifiedAttributes(idaResponseFromIdp, matchingDatasetAssertion, levelOfAssurance);
return new InboundResponseFromIdpDto(inboundResponseFromIdpData.getStatus(), inboundResponseFromIdpData.getStatusMessage(), inboundResponseFromIdpData.getIssuer(), inboundResponseFromIdpData.getAuthnStatementAssertionBlob(), inboundResponseFromIdpData.getEncryptedMatchingDatasetAssertion(), inboundResponseFromIdpData.getPersistentId(), inboundResponseFromIdpData.getPrincipalIpAddressAsSeenByIdp(), levelOfAssurance, inboundResponseFromIdpData.getIdpFraudEventId(), inboundResponseFromIdpData.getFraudIndicator());
} catch (SamlTransformationErrorException e) {
throw new SamlContextException(response.getID(), response.getIssuer().getValue(), e);
}
}
Also used :
Response(org.opensaml.saml.saml2.core.Response)
LevelOfAssurance(uk.gov.ida.hub.samlengine.domain.LevelOfAssurance)
SamlContextException(uk.gov.ida.hub.samlengine.exceptions.SamlContextException)
InboundResponseFromIdpDto(uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto)
SamlTransformationErrorException(uk.gov.ida.saml.core.validation.SamlTransformationErrorException)
InboundResponseFromIdp(uk.gov.ida.saml.hub.domain.InboundResponseFromIdp)
Assertion(org.opensaml.saml.saml2.core.Assertion)
InboundResponseFromIdpData(uk.gov.ida.saml.core.domain.InboundResponseFromIdpData)
Example 7 with InboundResponseFromIdpDto
use of uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto in project verify-hub by alphagov.
the class IdpAuthnResponseTranslatorServiceTest method shouldExtractAuthnStatementAssertionDetails.
@Test
public void shouldExtractAuthnStatementAssertionDetails() {
when(responseFromIdp.getAuthnStatementAssertion()).thenReturn(of(authStatementAssertion));
InboundResponseFromIdpDto result = translateAndCheckCommonFields();
checkAuthnStatementValues(result);
}
Also used :
InboundResponseFromIdpDto(uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto)
Test(org.junit.Test)
Example 8 with InboundResponseFromIdpDto
use of uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto in project verify-hub by alphagov.
the class IdpAuthnResponseTranslatorServiceTest method shouldExtractLevelOfAssurance.
@Test
public void shouldExtractLevelOfAssurance() {
AuthnContext authnContext = AuthnContext.LEVEL_1;
when(authStatementAssertion.getAuthnContext()).thenReturn(Optional.of(authnContext));
when(responseFromIdp.getAuthnStatementAssertion()).thenReturn(of(authStatementAssertion));
InboundResponseFromIdpDto result = translateAndCheckCommonFields();
checkAuthnStatementValues(result);
assertThat(result.getLevelOfAssurance().get().name()).isEqualTo(authnContext.name());
}
Also used :
InboundResponseFromIdpDto(uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto)
AuthnContext(uk.gov.ida.saml.core.domain.AuthnContext)
Test(org.junit.Test)
Example 9 with InboundResponseFromIdpDto
use of uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto in project verify-hub by alphagov.
the class IdpAuthnResponseTranslatorServiceTest method shouldExtractFraudDetails.
@Test
public void shouldExtractFraudDetails() {
String fraudIndicator = "fraud indicator";
String fraudEventId = "fraud event id";
FraudDetectedDetails fraudDetectedDetails = Mockito.mock(FraudDetectedDetails.class);
when(fraudDetectedDetails.getFraudIndicator()).thenReturn(fraudIndicator);
when(fraudDetectedDetails.getIdpFraudEventId()).thenReturn(fraudEventId);
when(authStatementAssertion.getFraudDetectedDetails()).thenReturn(Optional.of(fraudDetectedDetails));
when(responseFromIdp.getAuthnStatementAssertion()).thenReturn(of(authStatementAssertion));
InboundResponseFromIdpDto result = translateAndCheckCommonFields();
checkAuthnStatementValues(result);
assert (result.getFraudIndicator().get()).equals(fraudIndicator);
assert (result.getIdpFraudEventId().get()).equals(fraudEventId);
}
Also used :
InboundResponseFromIdpDto(uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto)
FraudDetectedDetails(uk.gov.ida.saml.core.domain.FraudDetectedDetails)
Test(org.junit.Test)
Example 10 with InboundResponseFromIdpDto
use of uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto in project verify-hub by alphagov.
the class IdpAuthnResponseTranslatorServiceTest method shouldHandleNoAssertions.
@Test
public void shouldHandleNoAssertions() {
InboundResponseFromIdpDto result = translateAndCheckCommonFields();
assertThat(result.getAuthnStatementAssertionBlob().isPresent()).isFalse();
assertThat(result.getEncryptedMatchingDatasetAssertion().isPresent()).isFalse();
assertThat(result.getLevelOfAssurance().isPresent()).isFalse();
assertThat(result.getPersistentId().isPresent()).isFalse();
assertThat(result.getFraudIndicator().isPresent()).isFalse();
assertThat(result.getIdpFraudEventId().isPresent()).isFalse();
}
Also used :
InboundResponseFromIdpDto(uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto)
Test(org.junit.Test)
Aggregations
InboundResponseFromIdpDto (uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto)15
Test (org.junit.Test)13
Response (javax.ws.rs.core.Response)8
SamlAuthnResponseTranslatorDto (uk.gov.ida.hub.samlengine.contracts.SamlAuthnResponseTranslatorDto)8
SamlAuthnResponseTranslatorDtoBuilder.aSamlAuthnResponseTranslatorDto (uk.gov.ida.integrationtest.hub.samlengine.builders.SamlAuthnResponseTranslatorDtoBuilder.aSamlAuthnResponseTranslatorDto)8
Assertion (org.opensaml.saml.saml2.core.Assertion)1
Response (org.opensaml.saml.saml2.core.Response)1
BasicCredential (org.opensaml.security.credential.BasicCredential)1
LevelOfAssurance (uk.gov.ida.hub.samlengine.domain.LevelOfAssurance)1
SamlContextException (uk.gov.ida.hub.samlengine.exceptions.SamlContextException)1
AuthnContext (uk.gov.ida.saml.core.domain.AuthnContext)1
FraudDetectedDetails (uk.gov.ida.saml.core.domain.FraudDetectedDetails)1
InboundResponseFromIdpData (uk.gov.ida.saml.core.domain.InboundResponseFromIdpData)1
PassthroughAssertion (uk.gov.ida.saml.core.domain.PassthroughAssertion)1
HardCodedKeyStore (uk.gov.ida.saml.core.test.HardCodedKeyStore)1
SamlTransformationErrorException (uk.gov.ida.saml.core.validation.SamlTransformationErrorException)1
InboundResponseFromIdp (uk.gov.ida.saml.hub.domain.InboundResponseFromIdp)1
