use of uk.gov.ida.hub.samlproxy.domain.AuthnRequestFromHubContainerDto in project verify-hub by alphagov.
the class SamlMessageSenderHandler method generateAuthnRequestFromHub.
public SamlMessage generateAuthnRequestFromHub(SessionId sessionId, String principalIpAddress) {
AuthnRequestFromHubContainerDto authnRequestFromHub = sessionProxy.getAuthnRequestFromHub(sessionId);
AuthnRequest request = authnRequestTransformer.apply(authnRequestFromHub.getSamlRequest());
SamlValidationResponse samlSignatureValidationResponse = samlMessageSignatureValidator.validate(request, SPSSODescriptor.DEFAULT_ELEMENT_NAME);
protectiveMonitoringLogger.logAuthnRequest(request, Direction.OUTBOUND, samlSignatureValidationResponse.isOK());
if (!samlSignatureValidationResponse.isOK()) {
SamlValidationSpecificationFailure failure = samlSignatureValidationResponse.getSamlValidationSpecificationFailure();
throw new SamlTransformationErrorException(failure.getErrorMessage(), samlSignatureValidationResponse.getCause(), Level.ERROR);
}
SamlMessage samlMessage = new SamlMessage(authnRequestFromHub.getSamlRequest(), SamlMessageType.SAML_REQUEST, Optional.fromNullable(sessionId.toString()), authnRequestFromHub.getPostEndpoint().toString(), Optional.of(authnRequestFromHub.getRegistering()));
externalCommunicationEventLogger.logIdpAuthnRequest(request.getID(), sessionId, authnRequestFromHub.getPostEndpoint(), principalIpAddress);
return samlMessage;
}
use of uk.gov.ida.hub.samlproxy.domain.AuthnRequestFromHubContainerDto in project verify-hub by alphagov.
the class SamlMessageSenderHandlerTest method generateAuthRequestFromHub_shouldThrowSamlTransformationException.
@Test(expected = SamlTransformationErrorException.class)
public void generateAuthRequestFromHub_shouldThrowSamlTransformationException() throws MarshallingException, SignatureException {
SessionId sessionId = SessionId.createNewSessionId();
String expectedSamlMessageId = UUID.randomUUID().toString();
when(sessionProxy.getAuthnRequestFromHub(sessionId)).thenReturn(new AuthnRequestFromHubContainerDto(samlRequest, postEndPoint, true));
AuthnRequest authnRequest = anAuthnRequest().withId(expectedSamlMessageId).build();
when(authnRequestTransformer.apply(samlRequest)).thenReturn(authnRequest);
when(samlMessageSignatureValidator.validate(authnRequest, SPSSODescriptor.DEFAULT_ELEMENT_NAME)).thenReturn(SamlValidationResponse.anInvalidResponse(new SamlValidationSpecification("bad", true)));
samlMessageSenderHandler.generateAuthnRequestFromHub(sessionId, principalIpAddressAsSeenByHub);
}
use of uk.gov.ida.hub.samlproxy.domain.AuthnRequestFromHubContainerDto in project verify-hub by alphagov.
the class SamlMessageSenderApiResourceTest method sendJsonAuthnRequestFromHub_shouldRespondWithNextLocation.
@Test
public void sendJsonAuthnRequestFromHub_shouldRespondWithNextLocation() throws Exception {
SessionId sessionId = SessionId.createNewSessionId();
URI nextLocationUri = URI.create("http://blah");
IdaAuthnRequestFromHub authnRequestFromHub = anIdaAuthnRequest().withIssuer(HUB_ENTITY_ID).buildFromHub();
Function<IdaAuthnRequestFromHub, String> idaAuthnRequestFromHubToStringTransformer = new HubTransformersFactory().getIdaAuthnRequestFromHubToStringTransformer(getKeyStore(), SIGNATURE_ALGORITHM, DIGEST_ALGORITHM);
String samlString = idaAuthnRequestFromHubToStringTransformer.apply(authnRequestFromHub);
policyStubRule.aValidAuthnRequestFromHubToIdp(sessionId, new AuthnRequestFromHubContainerDto(samlString, nextLocationUri, false));
Response response = getResponseFromSamlProxy(Urls.SamlProxyUrls.SEND_AUTHN_REQUEST_API_RESOURCE, sessionId);
assertThat(response.readEntity(SamlMessageSenderHandler.SamlMessage.class).getPostEndpoint()).isEqualTo(nextLocationUri.toASCIIString());
}
use of uk.gov.ida.hub.samlproxy.domain.AuthnRequestFromHubContainerDto in project verify-hub by alphagov.
the class SamlMessageSenderHandlerTest method generateAuthnRequestFromHub_shouldAddExternalCommunicationEvent.
@Test
public void generateAuthnRequestFromHub_shouldAddExternalCommunicationEvent() throws Exception {
SessionId sessionId = SessionId.createNewSessionId();
String expectedSamlMessageId = UUID.randomUUID().toString();
when(sessionProxy.getAuthnRequestFromHub(any(SessionId.class))).thenReturn(new AuthnRequestFromHubContainerDto(samlRequest, postEndPoint, true));
AuthnRequest authnRequest = anAuthnRequest().withId(expectedSamlMessageId).build();
when(authnRequestTransformer.apply(samlRequest)).thenReturn(authnRequest);
SamlMessage authnResponse = samlMessageSenderHandler.generateAuthnRequestFromHub(sessionId, principalIpAddressAsSeenByHub);
assertThat(authnResponse.getSamlMessage()).isEqualTo(samlRequest);
assertThat(authnResponse.getPostEndpoint()).isEqualTo(postEndPoint.toString());
assertThat(authnResponse.getRegistration().isPresent()).isTrue();
assertThat(authnResponse.getRegistration().get()).isTrue();
assertThat(authnResponse.getSamlMessageType()).isEqualTo(SamlMessageType.SAML_REQUEST);
assertThat(authnResponse.getRelayState().isPresent()).isTrue();
assertThat(authnResponse.getRelayState().get()).isEqualTo(sessionId.getSessionId());
verify(externalCommunicationEventLogger).logIdpAuthnRequest(expectedSamlMessageId, sessionId, postEndPoint, principalIpAddressAsSeenByHub);
}
Aggregations