Search in sources :

Example 1 with AuthnResponseFromHubContainerDto

use of uk.gov.ida.hub.samlproxy.contracts.AuthnResponseFromHubContainerDto in project verify-hub by alphagov.

the class SamlMessageSenderApiResourceTest method sendJsonErrorResponseFromHub_shouldRespondWithNextLocation.

@Test
public void sendJsonErrorResponseFromHub_shouldRespondWithNextLocation() throws Exception {
    URI uri = URI.create("http://blah");
    String requestId = UUID.randomUUID().toString();
    final SessionId sessionId = SessionId.createNewSessionId();
    OutboundResponseFromHub authnResponseFromHub = anAuthnResponse().withInResponseTo(requestId).withIssuerId(HUB_ENTITY_ID).withTransactionIdaStatus(TransactionIdaStatus.RequesterError).buildOutboundResponseFromHub();
    Function<OutboundResponseFromHub, String> outboundResponseFromHubToStringTransformer = new HubTransformersFactory().getOutboundResponseFromHubToStringTransformer(new HardCodedKeyStore(HUB_ENTITY_ID), getKeyStore(), new IdpHardCodedEntityToEncryptForLocator(), SIGNATURE_ALGORITHM, DIGEST_ALGORITHM);
    String samlString = outboundResponseFromHubToStringTransformer.apply(authnResponseFromHub);
    AuthnResponseFromHubContainerDto authnResponseFromHubContainerDto = new AuthnResponseFromHubContainerDto(samlString, uri, com.google.common.base.Optional.absent(), authnResponseFromHub.getId());
    policyStubRule.anErrorResponseFromHubToRp(sessionId, authnResponseFromHubContainerDto);
    javax.ws.rs.core.Response response = getResponseFromSamlProxy(Urls.SamlProxyUrls.SEND_ERROR_RESPONSE_FROM_HUB_API_RESOURCE, sessionId);
    assertThat(response.getStatus()).isEqualTo(200);
    assertThat(response.readEntity(SamlMessageSenderHandler.SamlMessage.class).getPostEndpoint()).isEqualTo(uri.toASCIIString());
}
Also used : HubTransformersFactory(uk.gov.ida.saml.hub.api.HubTransformersFactory) HardCodedKeyStore(uk.gov.ida.saml.core.test.HardCodedKeyStore) AuthnResponseFromHubContainerDto(uk.gov.ida.hub.samlproxy.contracts.AuthnResponseFromHubContainerDto) URI(java.net.URI) OutboundResponseFromHub(uk.gov.ida.saml.core.domain.OutboundResponseFromHub) Response(javax.ws.rs.core.Response) SessionId(uk.gov.ida.common.SessionId) Test(org.junit.Test)

Example 2 with AuthnResponseFromHubContainerDto

use of uk.gov.ida.hub.samlproxy.contracts.AuthnResponseFromHubContainerDto in project verify-hub by alphagov.

the class SamlMessageSenderApiResourceTest method sendJsonErrorResponseFromHub_shouldErrorWhenAValidationFailureOccurs.

@Test
public void sendJsonErrorResponseFromHub_shouldErrorWhenAValidationFailureOccurs() throws Exception {
    URI uri = URI.create("http://blah");
    String requestId = UUID.randomUUID().toString();
    final SessionId sessionId = SessionId.createNewSessionId();
    OutboundResponseFromHub authnResponseFromHub = anAuthnResponse().withInResponseTo(requestId).withIssuerId(HUB_ENTITY_ID).withTransactionIdaStatus(TransactionIdaStatus.RequesterError).buildOutboundResponseFromHub();
    AuthnResponseFromHubContainerDto authnResponseFromHubContainerDto = new AuthnResponseFromHubContainerDto("invalid saml", uri, com.google.common.base.Optional.absent(), authnResponseFromHub.getId());
    policyStubRule.anErrorResponseFromHubToRp(sessionId, authnResponseFromHubContainerDto);
    javax.ws.rs.core.Response response = getResponseFromSamlProxy(Urls.SamlProxyUrls.SEND_ERROR_RESPONSE_FROM_HUB_API_RESOURCE, sessionId);
    assertThat(response.getStatus()).isEqualTo(500);
}
Also used : AuthnResponseFromHubContainerDto(uk.gov.ida.hub.samlproxy.contracts.AuthnResponseFromHubContainerDto) OutboundResponseFromHub(uk.gov.ida.saml.core.domain.OutboundResponseFromHub) Response(javax.ws.rs.core.Response) URI(java.net.URI) SessionId(uk.gov.ida.common.SessionId) Test(org.junit.Test)

Example 3 with AuthnResponseFromHubContainerDto

use of uk.gov.ida.hub.samlproxy.contracts.AuthnResponseFromHubContainerDto in project verify-hub by alphagov.

the class SamlMessageSenderHandler method generateErrorResponseFromHub.

public SamlMessage generateErrorResponseFromHub(final SessionId sessionId, String principalIpAddressAsSeenByHub) {
    AuthnResponseFromHubContainerDto authnResponseFromHub = sessionProxy.getErrorResponseFromHub(sessionId);
    Response samlResponse = responseTransformer.apply(authnResponseFromHub.getSamlResponse());
    validateAndLogSamlResponseSignature(samlResponse);
    SamlMessage samlMessage = new SamlMessage(authnResponseFromHub.getSamlResponse(), SamlMessageType.SAML_RESPONSE, authnResponseFromHub.getRelayState(), authnResponseFromHub.getPostEndpoint().toString(), Optional.<Boolean>absent());
    externalCommunicationEventLogger.logResponseFromHub(authnResponseFromHub.getResponseId(), sessionId, authnResponseFromHub.getPostEndpoint(), principalIpAddressAsSeenByHub);
    return samlMessage;
}
Also used : SamlValidationResponse(uk.gov.ida.saml.core.validation.SamlValidationResponse) Response(org.opensaml.saml.saml2.core.Response) AuthnResponseFromHubContainerDto(uk.gov.ida.hub.samlproxy.contracts.AuthnResponseFromHubContainerDto)

Example 4 with AuthnResponseFromHubContainerDto

use of uk.gov.ida.hub.samlproxy.contracts.AuthnResponseFromHubContainerDto in project verify-hub by alphagov.

the class SamlMessageSenderHandlerTest method setUpErrorResponseFromHub.

private Response setUpErrorResponseFromHub(SessionId sessionId, String expectedSamlMessageId) throws MarshallingException, SignatureException {
    AuthnResponseFromHubContainerDto hubContainerDto = new AuthnResponseFromHubContainerDto(samlRequest, postEndPoint, relayState, expectedSamlMessageId);
    when(sessionProxy.getErrorResponseFromHub(sessionId)).thenReturn(hubContainerDto);
    Response openSamlResponse = aResponse().withId(expectedSamlMessageId).build();
    when(responseTransformer.apply(anyString())).thenReturn(openSamlResponse);
    return openSamlResponse;
}
Also used : Response(org.opensaml.saml.saml2.core.Response) ResponseBuilder.aResponse(uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse) SamlValidationResponse(uk.gov.ida.saml.core.validation.SamlValidationResponse) AuthnResponseFromHubContainerDto(uk.gov.ida.hub.samlproxy.contracts.AuthnResponseFromHubContainerDto)

Example 5 with AuthnResponseFromHubContainerDto

use of uk.gov.ida.hub.samlproxy.contracts.AuthnResponseFromHubContainerDto in project verify-hub by alphagov.

the class SamlMessageSenderApiResourceTest method sendJsonAuthnResponseFromHub_shouldErrorWhenAValidationFailureOccurs.

@Test
public void sendJsonAuthnResponseFromHub_shouldErrorWhenAValidationFailureOccurs() throws Exception {
    String responseId = "my-request";
    SessionId sessionId = SessionId.createNewSessionId();
    URI nextLocationUri = URI.create("http://blah");
    OutboundResponseFromHub authnResponseFromHub = anAuthnResponse().withInResponseTo(responseId).withIssuerId(HUB_ENTITY_ID).withTransactionIdaStatus(TransactionIdaStatus.Success).buildOutboundResponseFromHub();
    AuthnResponseFromHubContainerDto invalidAuthnResponseFromHubContainerDto = new AuthnResponseFromHubContainerDto("something not valid", nextLocationUri, com.google.common.base.Optional.absent(), authnResponseFromHub.getId());
    policyStubRule.anAuthnResponseFromHubToRp(sessionId, invalidAuthnResponseFromHubContainerDto);
    javax.ws.rs.core.Response response = getResponseFromSamlProxy(Urls.SamlProxyUrls.SEND_RESPONSE_FROM_HUB_API_RESOURCE, sessionId);
    assertThat(response.getStatus()).isEqualTo(500);
}
Also used : AuthnResponseFromHubContainerDto(uk.gov.ida.hub.samlproxy.contracts.AuthnResponseFromHubContainerDto) OutboundResponseFromHub(uk.gov.ida.saml.core.domain.OutboundResponseFromHub) Response(javax.ws.rs.core.Response) SessionId(uk.gov.ida.common.SessionId) URI(java.net.URI) Test(org.junit.Test)

Aggregations

AuthnResponseFromHubContainerDto (uk.gov.ida.hub.samlproxy.contracts.AuthnResponseFromHubContainerDto)10 Test (org.junit.Test)6 SessionId (uk.gov.ida.common.SessionId)6 URI (java.net.URI)5 Response (javax.ws.rs.core.Response)5 Response (org.opensaml.saml.saml2.core.Response)5 OutboundResponseFromHub (uk.gov.ida.saml.core.domain.OutboundResponseFromHub)5 SamlValidationResponse (uk.gov.ida.saml.core.validation.SamlValidationResponse)5 HardCodedKeyStore (uk.gov.ida.saml.core.test.HardCodedKeyStore)3 ResponseBuilder.aResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse)3 HubTransformersFactory (uk.gov.ida.saml.hub.api.HubTransformersFactory)3 Matchers.anyString (org.mockito.Matchers.anyString)1 SamlMessage (uk.gov.ida.hub.samlproxy.controllogic.SamlMessageSenderHandler.SamlMessage)1 ResponseAssertionSigner (uk.gov.ida.saml.core.transformers.outbound.decorators.ResponseAssertionSigner)1 IdaKeyStoreCredentialRetriever (uk.gov.ida.saml.security.IdaKeyStoreCredentialRetriever)1 SignatureFactory (uk.gov.ida.saml.security.SignatureFactory)1