
Example 6 with SamlRequestDto

Use of uk.gov.ida.hub.samlproxy.contracts.SamlRequestDto in project verify-hub by alphagov.

From the class SamlMessageReceiverApiResourceTest, method shouldReturn400IfAuthnResponseIsSignedByAnRp.

@Test
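public void shouldReturn400IfAuthnResponseIsSignedByAnRp() throws Exception {
    // The Response is issued and signed with the RP's credentials instead of an IdP's, so it must be rejected with 400.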
    final String samlResponse = authnResponseFactory.aSamlResponseFromIdp(TEST_RP, TEST_RP_PUBLIC_SIGNING_CERT, TEST_RP_PRIVATE_SIGNING_KEY, Endpoints.SSO_RESPONSE_ENDPOINT, SIGNATURE_ALGORITHM, DIGEST_ALGORITHM);
    SamlRequestDto authnResponse = new SamlRequestDto(samlResponse, "sessionId", "127.0.0.1");
    final Response response = postSAML(authnResponse, Urls.SamlProxyUrls.SAML2_SSO_RECEIVER_API_RESOURCE);
    assertThat(response.getStatus()).isEqualTo(HttpStatus.SC_BAD_REQUEST);
}
Also used: Response (javax.ws.rs.core.Response), ResponseBuilder.aResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse), SamlRequestDto (uk.gov.ida.hub.samlproxy.contracts.SamlRequestDto), Test (org.junit.Test)

Example 7 with SamlRequestDto

Use of uk.gov.ida.hub.samlproxy.contracts.SamlRequestDto in project verify-hub by alphagov.

From the class SamlMessageReceiverApiResourceTest, method shouldCreateSessionForAuthnRequest.

@Test
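public void shouldCreateSessionForAuthnRequest() throws Exception {
    // Happy path: an AuthnRequest signed with the RP's key, with the RP's certificates stubbed in config, creates a session.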
    SamlRequestDto authnRequestWrapper = createAuthnRequest(TEST_RP, "relayState", TEST_RP_PUBLIC_SIGNING_CERT, TEST_RP_PRIVATE_SIGNING_KEY);
    configStubRule.setupStubForCertificates(TEST_RP);
    SessionId sessionId = SessionId.createNewSessionId();
    policyStubRule.stubCreateSession(sessionId);
    Response clientResponse = postSAML(authnRequestWrapper, Urls.SamlProxyUrls.SAML2_SSO_RECEIVER_API_ROOT);
    assertThat(clientResponse.getStatus()).isEqualTo(Response.Status.OK.getStatusCode());
    assertThat(clientResponse.readEntity(SessionId.class)).isEqualTo(sessionId);
}
Also used: Response (javax.ws.rs.core.Response), ResponseBuilder.aResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse), SamlRequestDto (uk.gov.ida.hub.samlproxy.contracts.SamlRequestDto), SessionId (uk.gov.ida.common.SessionId), Test (org.junit.Test)

Example 8 with SamlRequestDto

Use of uk.gov.ida.hub.samlproxy.contracts.SamlRequestDto in project verify-hub by alphagov.

From the class SamlMessageReceiverApiResourceTest, method responsePost_shouldRespondWithSuccessWhenPolicyRespondsWithSuccess.

@Test
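public void responsePost_shouldRespondWithSuccessWhenPolicyRespondsWithSuccess() throws Exception {
    // Happy path: a Response signed with the stub IdP's key is accepted once the policy stub reports success.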
    String sessionId = UUID.randomUUID().toString();
    policyStubRule.receiveAuthnResponseFromIdp(sessionId, LevelOfAssurance.LEVEL_2);
    final String samlResponse = authnResponseFactory.aSamlResponseFromIdp(STUB_IDP_ONE, STUB_IDP_PUBLIC_PRIMARY_CERT, STUB_IDP_PUBLIC_PRIMARY_PRIVATE_KEY, Endpoints.SSO_RESPONSE_ENDPOINT, SIGNATURE_ALGORITHM, DIGEST_ALGORITHM);
    SamlRequestDto authnResponse = new SamlRequestDto(samlResponse, sessionId, "127.0.0.1");
    final Response response = postSAML(authnResponse, Urls.SamlProxyUrls.SAML2_SSO_RECEIVER_API_RESOURCE);
    assertThat(response.getStatus()).isEqualTo(HttpStatus.SC_OK);
}
Also used: Response (javax.ws.rs.core.Response), ResponseBuilder.aResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse), SamlRequestDto (uk.gov.ida.hub.samlproxy.contracts.SamlRequestDto), Test (org.junit.Test)

Example 9 with SamlRequestDto

Use of uk.gov.ida.hub.samlproxy.contracts.SamlRequestDto in project verify-hub by alphagov.

From the class SamlMessageReceiverApiResourceTest, method shouldReturn400IfAuthnRequestIsSignedByAnIdp.

@Test
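public void shouldReturn400IfAuthnRequestIsSignedByAnIdp() throws Exception {
    // The AuthnRequest is issued and signed with an IdP's credentials; config is stubbed with no signing certificates for that issuer, so expect 400.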
    SamlRequestDto authnRequest = createAuthnRequest(STUB_IDP_ONE, "relayState", STUB_IDP_PUBLIC_PRIMARY_CERT, STUB_IDP_PUBLIC_PRIMARY_PRIVATE_KEY);
    configStubRule.setupStubForNonExistentSigningCertificates(STUB_IDP_ONE);
    Response clientResponse = postSAML(authnRequest, Urls.SamlProxyUrls.SAML2_SSO_RECEIVER_API_ROOT);
    assertThat(clientResponse.getStatus()).isEqualTo(Response.Status.BAD_REQUEST.getStatusCode());
}
Also used: Response (javax.ws.rs.core.Response), ResponseBuilder.aResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse), SamlRequestDto (uk.gov.ida.hub.samlproxy.contracts.SamlRequestDto), Test (org.junit.Test)

Example 10 with SamlRequestDto

Use of uk.gov.ida.hub.samlproxy.contracts.SamlRequestDto in project verify-hub by alphagov.

From the class SamlMessageReceiverApiResourceTest, method shouldErrorWhenAuthnRequestIsNotSigned.

@Test
public void shouldErrorWhenAuthnRequestIsNotSigned() throws Exception {
    // An AuthnRequest built without a Signature element must be rejected as INVALID_SAML.
    AuthnRequest authnRequest = anAuthnRequest().withIssuer(anIssuer().withIssuerId(TEST_RP).build()).withDestination(Endpoints.SSO_REQUEST_ENDPOINT).withId(AuthnRequestIdGenerator.generateRequestId()).withoutSignatureElement().build();
    SamlRequestDto authnRequestWrapper = new SamlRequestDto(authnRequestToStringTransformer.apply(authnRequest), "relayState", "ipAddress");
    Response clientResponse = postSAML(authnRequestWrapper, Urls.SamlProxyUrls.SAML2_SSO_RECEIVER_API_ROOT);
    assertError(clientResponse, ExceptionType.INVALID_SAML);
}
Also used: Response (javax.ws.rs.core.Response), ResponseBuilder.aResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse), AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest), AuthnRequestBuilder.anAuthnRequest (uk.gov.ida.saml.core.test.builders.AuthnRequestBuilder.anAuthnRequest), SamlRequestDto (uk.gov.ida.hub.samlproxy.contracts.SamlRequestDto), Test (org.junit.Test)

Aggregations

SamlRequestDto (uk.gov.ida.hub.samlproxy.contracts.SamlRequestDto): 22
Test (org.junit.Test): 21
Response (javax.ws.rs.core.Response): 18
ResponseBuilder.aResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse): 14
SessionId (uk.gov.ida.common.SessionId): 5
URI (java.net.URI): 3
ResponseActionDto (uk.gov.ida.hub.samlproxy.domain.ResponseActionDto): 2
AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest): 1
AuthnRequestBuilder.anAuthnRequest (uk.gov.ida.saml.core.test.builders.AuthnRequestBuilder.anAuthnRequest): 1