use of uk.gov.ida.hub.samlengine.domain.SamlResponseContainerDto in project verify-hub by alphagov.
the class MatchingServiceResponseTranslatorService method translate.
/**
 * Converts a SAML response received from a matching service into the DTO handed back to the caller.
 *
 * <p>The raw response string is unmarshalled, its details are added to the logging MDC, and the
 * result is passed through the response transformer. When the transformed response carries a
 * matching service assertion, the underlying assertion blob and the level of assurance (derived
 * from the assertion's authn context name) are extracted. The blob is never placed in the DTO as
 * is: it is first passed through {@code assertionBlobEncrypter}, keyed on the authn request issuer
 * id taken from the container.
 *
 * <p>NOTE(review): no signature or freshness validation is visible in this method; presumably it
 * happens inside the unmarshaller or the transformer. Confirm this before reusing either piece
 * elsewhere.
 *
 * @param samlResponseContainerDto container holding the SAML response string and the authn
 *     request issuer id
 * @return the DTO with status, in-response-to, issuer, the encrypted assertion (if any) and the
 *     level of assurance (if any)
 */
public InboundResponseFromMatchingServiceDto translate(SamlResponseContainerDto samlResponseContainerDto) {
    final Response unmarshalled = responseUnmarshaller.apply(samlResponseContainerDto.getSamlResponse());
    // NOTE(review): the MDC is populated before transform() runs, so these logging fields come
    // from the response as received. Treat them as unverified if transform() is where the
    // validation lives (TODO confirm).
    MdcHelper.addContextToMdc(unmarshalled);
    final InboundResponseFromMatchingService inbound =
            responseToInboundResponseFromMatchingServiceTransformer.transform(unmarshalled);

    Optional<String> plainAssertionBlob = Optional.empty();
    Optional<LevelOfAssurance> loa = Optional.empty();

    // The explicit null check is deliberate: the original author flagged that the transformer can
    // hand back a null here rather than an empty Optional.
    final boolean assertionAvailable = inbound.getMatchingServiceAssertion() != null
            && inbound.getMatchingServiceAssertion().isPresent();
    if (assertionAvailable) {
        plainAssertionBlob = Optional.ofNullable(
                inbound.getMatchingServiceAssertion().get().getUnderlyingAssertionBlob());
        // An absent authn context leaves the level of assurance empty.
        loa = inbound.getMatchingServiceAssertion().get().getAuthnContext()
                .map(context -> LevelOfAssurance.valueOf(context.name()));
    }

    // Only the encrypted form of the assertion blob leaves this method.
    return new InboundResponseFromMatchingServiceDto(
            inbound.getStatus(),
            inbound.getInResponseTo(),
            inbound.getIssuer(),
            plainAssertionBlob.map(blob -> assertionBlobEncrypter.encryptAssertionBlob(
                    samlResponseContainerDto.getAuthnRequestIssuerId(), blob)),
            loa);
}
use of uk.gov.ida.hub.samlengine.domain.SamlResponseContainerDto in project verify-hub by alphagov.
the class MatchingServiceResponseTranslatorResourceTest method shouldReturnADtoWhenResponseIs_TooOld.
/**
 * Posts a match response built with a timestamp one day in the past and expects SAML engine to
 * reject it. Despite the "shouldReturnADto" method name, the asserted outcome is a 400 carrying an
 * {@code INVALID_SAML} error, not a translated DTO.
 */
@Test
public void shouldReturnADtoWhenResponseIs_TooOld() throws Exception {
    final String requestId = "requestId";
    final Status matchStatus = aStatus()
            .withStatusCode(aStatusCode()
                    .withSubStatusCode(aStatusCode().withValue(SamlStatusCode.MATCH).build())
                    .withValue(SUCCESS)
                    .build())
            .build();

    // Stale message: the builder is given "now minus one day" as its time argument.
    // NOTE: getBytes() with no argument uses the JVM default charset.
    final byte[] staleResponseBytes =
            aValidMatchResponseFromMatchingService(requestId, status(matchStatus), DateTime.now().minusDays(1)).getBytes();
    final String encodedSaml = Base64.getEncoder().encodeToString(staleResponseBytes);
    final SamlResponseContainerDto container = new SamlResponseContainerDto(encodedSaml, TEST_RP);

    Response httpResponse = postToSamlEngine(container);

    // The stale response must be refused outright.
    assertThat(httpResponse.getStatus()).isEqualTo(Response.Status.BAD_REQUEST.getStatusCode());
    ErrorStatusDto error = httpResponse.readEntity(ErrorStatusDto.class);
    assertThat(error.getExceptionType()).isEqualTo(ExceptionType.INVALID_SAML);
}

// Identity helper that keeps the builder call above on one readable line.
private static Status status(Status value) {
    return value;
}
use of uk.gov.ida.hub.samlengine.domain.SamlResponseContainerDto in project verify-hub by alphagov.
the class MatchingServiceResponseTranslatorResourceTest method shouldReturnADtoWhenResponseIs_NoMatch.
/**
 * Posts a valid no-match response and checks the translated DTO: issuer, in-response-to and
 * status are carried through, while neither a level of assurance nor an encrypted assertion is
 * present.
 */
@Test
public void shouldReturnADtoWhenResponseIs_NoMatch() throws Exception {
    final String requestId = "requestId";
    final Status noMatchStatus = aStatus()
            .withStatusCode(aStatusCode()
                    .withSubStatusCode(aStatusCode().withValue(SamlStatusCode.NO_MATCH).build())
                    .withValue(RESPONDER)
                    .build())
            .build();

    final byte[] responseBytes =
            aValidNoMatchResponseFromMatchingService(requestId, noMatchStatus, TEST_RP_MS).getBytes();
    final String encodedSaml = Base64.getEncoder().encodeToString(responseBytes);
    final SamlResponseContainerDto container = new SamlResponseContainerDto(encodedSaml, TEST_RP);

    Response httpResponse = postToSamlEngine(container);

    assertThat(httpResponse.getStatus()).isEqualTo(Response.Status.OK.getStatusCode());
    InboundResponseFromMatchingServiceDto translated =
            httpResponse.readEntity(InboundResponseFromMatchingServiceDto.class);
    assertThat(translated.getIssuer()).isEqualTo(TEST_RP_MS);
    assertThat(translated.getInResponseTo()).isEqualTo(requestId);
    assertThat(translated.getStatus().name())
            .isEqualTo(MatchingServiceIdaStatus.NoMatchingServiceMatchFromMatchingService.name());
    // A no-match must not leak any assertion material or assurance level to the caller.
    assertThat(translated.getLevelOfAssurance()).isNotPresent();
    assertThat(translated.getEncryptedMatchingServiceAssertion()).isNotPresent();
}
use of uk.gov.ida.hub.samlengine.domain.SamlResponseContainerDto in project verify-hub by alphagov.
the class MatchingServiceResponseTranslatorResourceTest method shouldNotReturnADtoResponse_WhenBadlySigned_NoMatch.
/**
 * Posts a no-match response produced by the "badly signed" fixture and expects SAML engine to
 * answer 400 with an {@code INVALID_SAML} error instead of a translated DTO. This is the
 * regression guard for signature checking on matching service responses.
 */
@Test
public void shouldNotReturnADtoResponse_WhenBadlySigned_NoMatch() throws Exception {
    final String requestId = "requestId";
    final Status noMatchStatus = aStatus()
            .withStatusCode(aStatusCode()
                    .withSubStatusCode(aStatusCode().withValue(SamlStatusCode.NO_MATCH).build())
                    .withValue(RESPONDER)
                    .build())
            .build();

    final byte[] badlySignedBytes =
            aValidNoMatchResponseFromMatchingServiceisBadlySigned(requestId, noMatchStatus, TEST_RP_MS).getBytes();
    final String encodedSaml = Base64.getEncoder().encodeToString(badlySignedBytes);
    final SamlResponseContainerDto container = new SamlResponseContainerDto(encodedSaml, TEST_RP);

    Response httpResponse = postToSamlEngine(container);

    // Apart from its signature the message is an ordinary no-match; it must still be refused.
    assertThat(httpResponse.getStatus()).isEqualTo(Response.Status.BAD_REQUEST.getStatusCode());
    ErrorStatusDto error = httpResponse.readEntity(ErrorStatusDto.class);
    assertThat(error.getExceptionType()).isEqualTo(ExceptionType.INVALID_SAML);
}
use of uk.gov.ida.hub.samlengine.domain.SamlResponseContainerDto in project verify-hub by alphagov.
the class MatchingServiceResponseTranslatorServiceTest method populateReturnDtoCorrectly_handleRequesterError.
/**
 * Unit test for {@code translate} with a {@code RequesterError} status: there is no authn
 * context and a null assertion blob, so the DTO must carry the status, issuer and in-response-to
 * but neither an encrypted assertion nor a level of assurance.
 */
@Test
public void populateReturnDtoCorrectly_handleRequesterError() {
    final MatchingServiceIdaStatus expectedStatus = MatchingServiceIdaStatus.RequesterError;
    final String expectedInResponseTo = "inResponseTo";
    final String expectedIssuer = "issuer";

    // Nothing optional is supplied for an error response.
    final Optional<AuthnContext> noAuthnContext = Optional.empty();
    final Optional<FraudDetectedDetails> noFraudDetails = Optional.empty();
    final String noAssertionBlob = null;

    final SamlResponseContainerDto container = new SamlResponseContainerDto("saml", TEST_RP);
    setUpForTranslate(
            noAuthnContext,
            noFraudDetails,
            noAssertionBlob,
            expectedInResponseTo,
            expectedIssuer,
            container.getSamlResponse(),
            expectedStatus);

    final InboundResponseFromMatchingServiceDto translated =
            matchingServiceResponseTranslatorService.translate(container);

    assertThat(translated.getInResponseTo()).isEqualTo(expectedInResponseTo);
    // With a null blob there is nothing to encrypt, so no assertion may appear in the DTO.
    assertThat(translated.getEncryptedMatchingServiceAssertion()).isNotPresent();
    assertThat(translated.getIssuer()).isEqualTo(expectedIssuer);
    assertThat(translated.getLevelOfAssurance()).isNotPresent();
    assertThat(translated.getStatus()).isEqualTo(expectedStatus);
}