use of uk.gov.ida.hub.samlengine.domain.LevelOfAssurance in project verify-hub by alphagov.
the class MatchingServiceResponseTranslatorService method translate.
public InboundResponseFromMatchingServiceDto translate(SamlResponseDto samlResponseDto) {
final Response response = responseUnmarshaller.apply(samlResponseDto.getSamlResponse());
MdcHelper.addContextToMdc(response);
final InboundResponseFromMatchingService responseFromMatchingService = responseToInboundResponseFromMatchingServiceTransformer.transform(response);
Optional<String> assertionBlob = Optional.empty();
Optional<LevelOfAssurance> levelOfAssurance = Optional.empty();
// FIXME?: transformer can return null
if (responseFromMatchingService.getMatchingServiceAssertion() != null && responseFromMatchingService.getMatchingServiceAssertion().isPresent()) {
assertionBlob = Optional.ofNullable(responseFromMatchingService.getMatchingServiceAssertion().get().getUnderlyingAssertionBlob());
final Optional<AuthnContext> authnContext = responseFromMatchingService.getMatchingServiceAssertion().get().getAuthnContext();
if (authnContext.isPresent()) {
levelOfAssurance = Optional.of(LevelOfAssurance.valueOf(authnContext.get().name()));
}
}
final InboundResponseFromMatchingServiceDto inboundResponseFromMatchingServiceDto = new InboundResponseFromMatchingServiceDto(responseFromMatchingService.getStatus(), responseFromMatchingService.getInResponseTo(), responseFromMatchingService.getIssuer(), assertionBlob, levelOfAssurance);
return inboundResponseFromMatchingServiceDto;
}
use of uk.gov.ida.hub.samlengine.domain.LevelOfAssurance in project verify-hub by alphagov.
the class CountryAuthnResponseTranslatorService method toModel.
private InboundResponseFromCountry toModel(ValidatedResponse response, Optional<Assertion> validatedIdentityAssertionOptional, String matchingServiceEntityId) {
Optional<PassthroughAssertion> passthroughAssertion = validatedIdentityAssertionOptional.map(validatedIdentityAssertion -> passthroughAssertionUnmarshaller.fromAssertion(validatedIdentityAssertion, true));
Optional<LevelOfAssurance> levelOfAssurance = passthroughAssertion.flatMap(assertion -> assertion.getAuthnContext()).map(AuthnContext::name).filter(string -> !isNullOrEmpty(string)).map(LevelOfAssurance::valueOf);
IdpIdaStatus status = statusUnmarshaller.fromSaml(response.getStatus());
return new InboundResponseFromCountry(response.getIssuer().getValue(), validatedIdentityAssertionOptional.map(Assertion::getSubject).map(Subject::getNameID).map(NameID::getValue), Optional.ofNullable(status).map(IdpIdaStatus::getStatusCode).map(IdpIdaStatus.Status::name), status.getMessage(), passthroughAssertion.map(assertion -> assertionBlobEncrypter.encryptAssertionBlob(matchingServiceEntityId, assertion.getUnderlyingAssertionBlob())), levelOfAssurance);
}
use of uk.gov.ida.hub.samlengine.domain.LevelOfAssurance in project verify-hub by alphagov.
the class MatchingServiceResponseTranslatorService method translate.
public InboundResponseFromMatchingServiceDto translate(SamlResponseContainerDto samlResponseContainerDto) {
final Response response = responseUnmarshaller.apply(samlResponseContainerDto.getSamlResponse());
MdcHelper.addContextToMdc(response);
final InboundResponseFromMatchingService responseFromMatchingService = responseToInboundResponseFromMatchingServiceTransformer.transform(response);
Optional<String> assertionBlob = Optional.empty();
Optional<LevelOfAssurance> levelOfAssurance = Optional.empty();
// FIXME?: transformer can return null
if (responseFromMatchingService.getMatchingServiceAssertion() != null && responseFromMatchingService.getMatchingServiceAssertion().isPresent()) {
assertionBlob = Optional.ofNullable(responseFromMatchingService.getMatchingServiceAssertion().get().getUnderlyingAssertionBlob());
final Optional<AuthnContext> authnContext = responseFromMatchingService.getMatchingServiceAssertion().get().getAuthnContext();
if (authnContext.isPresent()) {
levelOfAssurance = Optional.of(LevelOfAssurance.valueOf(authnContext.get().name()));
}
}
final InboundResponseFromMatchingServiceDto inboundResponseFromMatchingServiceDto = new InboundResponseFromMatchingServiceDto(responseFromMatchingService.getStatus(), responseFromMatchingService.getInResponseTo(), responseFromMatchingService.getIssuer(), assertionBlob.map(ab -> assertionBlobEncrypter.encryptAssertionBlob(samlResponseContainerDto.getAuthnRequestIssuerId(), ab)), levelOfAssurance);
return inboundResponseFromMatchingServiceDto;
}
use of uk.gov.ida.hub.samlengine.domain.LevelOfAssurance in project verify-hub by alphagov.
the class IdpAuthnResponseTranslatorService method translate.
public InboundResponseFromIdpDto translate(SamlAuthnResponseTranslatorDto samlResponseDto) {
Response response = stringToOpenSamlResponseTransformer.apply(samlResponseDto.getSamlResponse());
MdcHelper.addContextToMdc(response);
try {
InboundResponseFromIdp idaResponseFromIdp = samlResponseToIdaResponseIssuedByIdpTransformer.apply(response);
UnknownMethodAlgorithmLogger.probeResponseForMethodAlgorithm(idaResponseFromIdp);
if (idaResponseFromIdp.getAuthnStatementAssertion().isPresent()) {
Assertion authnStatementAssertion = stringToAssertionTransformer.apply(idaResponseFromIdp.getAuthnStatementAssertion().get().getUnderlyingAssertionBlob());
logAnalytics(authnStatementAssertion, AUTHN_STATEMENT);
}
Assertion matchingDatasetAssertion = null;
if (idaResponseFromIdp.getMatchingDatasetAssertion().isPresent()) {
matchingDatasetAssertion = stringToAssertionTransformer.apply(idaResponseFromIdp.getMatchingDatasetAssertion().get().getUnderlyingAssertionBlob());
logAnalytics(matchingDatasetAssertion, MATCHING_DATASET);
}
InboundResponseFromIdpData inboundResponseFromIdpData = inboundResponseFromIdpDataGenerator.generate(idaResponseFromIdp, samlResponseDto.getMatchingServiceEntityId());
Optional<LevelOfAssurance> levelOfAssurance = Optional.empty();
if (!Strings.isNullOrEmpty(inboundResponseFromIdpData.getLevelOfAssurance())) {
levelOfAssurance = Optional.of(LevelOfAssurance.valueOf(inboundResponseFromIdpData.getLevelOfAssurance()));
}
logVerifiedAttributes(idaResponseFromIdp, matchingDatasetAssertion, levelOfAssurance);
return new InboundResponseFromIdpDto(inboundResponseFromIdpData.getStatus(), inboundResponseFromIdpData.getStatusMessage(), inboundResponseFromIdpData.getIssuer(), inboundResponseFromIdpData.getEncryptedAuthnAssertion(), inboundResponseFromIdpData.getEncryptedMatchingDatasetAssertion(), inboundResponseFromIdpData.getPersistentId(), inboundResponseFromIdpData.getPrincipalIpAddressAsSeenByIdp(), levelOfAssurance, inboundResponseFromIdpData.getIdpFraudEventId(), inboundResponseFromIdpData.getFraudIndicator(), inboundResponseFromIdpData.getNotOnOrAfter());
} catch (SamlTransformationErrorException e) {
throw new SamlContextException(response.getID(), response.getIssuer().getValue(), e);
}
}
Aggregations