Examples with SamlAuthnResponseContainerDto uk.gov.ida.hub.samlproxy.domain.SamlAuthnResponseContainerDto used on opensource projects

Search in sources :

Example 1 with SamlAuthnResponseContainerDto

use of uk.gov.ida.hub.samlproxy.domain.SamlAuthnResponseContainerDto in project verify-hub by alphagov.

the class SamlMessageReceiverApi method handleEidasResponsePost.

@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path(Urls.SamlProxyUrls.EIDAS_RESPONSE_POST_PATH)
@Timed
public Response handleEidasResponsePost(SamlRequestDto samlRequestDto) {
    if (eidasAuthnResponseSignatureValidator.isPresent()) {
        final SessionId sessionId = new SessionId(samlRequestDto.getRelayState());
        MDC.put("SessionId", sessionId);
        relayStateValidator.validate(samlRequestDto.getRelayState());
        org.opensaml.saml.saml2.core.Response samlResponse = stringSamlResponseTransformer.apply(samlRequestDto.getSamlRequest());
        SamlValidationResponse signatureValidationResponse = eidasAuthnResponseSignatureValidator.get().validate(samlResponse, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
        protectiveMonitoringLogger.logAuthnResponse(samlResponse, Direction.INBOUND, signatureValidationResponse.isOK());
        if (!signatureValidationResponse.isOK()) {
            SamlValidationSpecificationFailure failure = signatureValidationResponse.getSamlValidationSpecificationFailure();
            throw new SamlTransformationErrorException(failure.getErrorMessage(), signatureValidationResponse.getCause(), Level.ERROR);
        }
        final SamlAuthnResponseContainerDto authnResponseDto = new SamlAuthnResponseContainerDto(samlRequestDto.getSamlRequest(), sessionId, samlRequestDto.getPrincipalIpAsSeenByFrontend());
        return Response.ok(sessionProxy.receiveAuthnResponseFromCountry(authnResponseDto, sessionId)).build();
    }
    return Response.status(Response.Status.NOT_FOUND).build();
}
Also used : SamlValidationResponse(uk.gov.ida.saml.core.validation.SamlValidationResponse) SamlValidationSpecificationFailure(uk.gov.ida.saml.core.validation.SamlValidationSpecificationFailure) SamlTransformationErrorException(uk.gov.ida.saml.core.validation.SamlTransformationErrorException) SamlAuthnResponseContainerDto(uk.gov.ida.hub.samlproxy.domain.SamlAuthnResponseContainerDto) SessionId(uk.gov.ida.common.SessionId) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed)

Example 2 with SamlAuthnResponseContainerDto

use of uk.gov.ida.hub.samlproxy.domain.SamlAuthnResponseContainerDto in project verify-hub by alphagov.

the class SamlMessageReceiverApiTest method handleResponsePost_shouldReportPrincipalIpAddress.

@Test
public void handleResponsePost_shouldReportPrincipalIpAddress() throws Exception {
    AuthnRequest authnRequest = anAuthnRequest().withIssuer(anIssuer().withIssuerId(ISSUER_ID).build()).build();
    when(stringSamlAuthnRequestTransformer.apply(SAML_REQUEST)).thenReturn(authnRequest);
    when(stringSamlResponseTransformer.apply(SAML_REQUEST)).thenReturn(aResponse().build());
    when(samlMessageSignatureValidator.validate(any(org.opensaml.saml.saml2.core.Response.class), any(QName.class))).thenReturn(SamlValidationResponse.aValidResponse());
    when(sessionProxy.createSession(any(SamlAuthnRequestContainerDto.class))).thenReturn(SESSION_ID);
    when(responseTransformer.apply(anyString())).thenReturn(aResponse().build());
    samlMessageReceiverApi.handleResponsePost(SAML_REQUEST_DTO);
    ArgumentCaptor<SamlAuthnResponseContainerDto> samlAuthnResponseContainerDtoArgumentCaptor = ArgumentCaptor.forClass(SamlAuthnResponseContainerDto.class);
    verify(sessionProxy).receiveAuthnResponseFromIdp(samlAuthnResponseContainerDtoArgumentCaptor.capture(), any(SessionId.class));
    assertThat(samlAuthnResponseContainerDtoArgumentCaptor.getValue().getPrincipalIPAddressAsSeenByHub()).isEqualTo(SAML_REQUEST_DTO.getPrincipalIpAsSeenByFrontend());
}
Also used : ResponseBuilder.aValidIdpResponse(uk.gov.ida.saml.core.test.builders.ResponseBuilder.aValidIdpResponse) ResponseBuilder.aResponse(uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse) SamlValidationResponse(uk.gov.ida.saml.core.validation.SamlValidationResponse) Response(javax.ws.rs.core.Response) SamlAuthnRequestContainerDto(uk.gov.ida.hub.samlproxy.domain.SamlAuthnRequestContainerDto) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) AuthnRequestBuilder.anAuthnRequest(uk.gov.ida.saml.core.test.builders.AuthnRequestBuilder.anAuthnRequest) QName(javax.xml.namespace.QName) SamlAuthnResponseContainerDto(uk.gov.ida.hub.samlproxy.domain.SamlAuthnResponseContainerDto) SessionId(uk.gov.ida.common.SessionId) Test(org.junit.Test)

Example 3 with SamlAuthnResponseContainerDto

use of uk.gov.ida.hub.samlproxy.domain.SamlAuthnResponseContainerDto in project verify-hub by alphagov.

the class SamlMessageReceiverApi method handleResponsePost.

@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path(Urls.SamlProxyUrls.RESPONSE_POST_PATH)
@Timed
@ResponseMetered
public Response handleResponsePost(SamlRequestDto samlRequestDto) {
    final SessionId sessionId = new SessionId(samlRequestDto.getRelayState());
    MDC.put("SessionId", sessionId);
    relayStateValidator.validate(samlRequestDto.getRelayState());
    org.opensaml.saml.saml2.core.Response samlResponse = stringSamlResponseTransformer.apply(samlRequestDto.getSamlRequest());
    SamlValidationResponse signatureValidationResponse = authnResponseSignatureValidator.validate(samlResponse, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
    protectiveMonitoringLogger.logAuthnResponse(samlResponse, Direction.INBOUND, SignatureStatus.fromValidationResponse(signatureValidationResponse));
    if (!signatureValidationResponse.isOK()) {
        SamlValidationSpecificationFailure failure = signatureValidationResponse.getSamlValidationSpecificationFailure();
        throw new SamlTransformationErrorException(failure.getErrorMessage(), signatureValidationResponse.getCause(), Level.ERROR);
    }
    final SamlAuthnResponseContainerDto authnResponseDto = new SamlAuthnResponseContainerDto(samlRequestDto.getSamlRequest(), sessionId, samlRequestDto.getPrincipalIpAsSeenByFrontend(), samlRequestDto.getAnalyticsSessionId(), samlRequestDto.getJourneyType());
    return Response.ok(sessionProxy.receiveAuthnResponseFromIdp(authnResponseDto, sessionId)).build();
}
Also used : SamlValidationResponse(uk.gov.ida.saml.core.validation.SamlValidationResponse) SamlValidationSpecificationFailure(uk.gov.ida.saml.core.validation.SamlValidationSpecificationFailure) SamlTransformationErrorException(uk.gov.ida.saml.core.validation.SamlTransformationErrorException) SamlAuthnResponseContainerDto(uk.gov.ida.hub.samlproxy.domain.SamlAuthnResponseContainerDto) SessionId(uk.gov.ida.common.SessionId) Path(javax.ws.rs.Path) ResponseMetered(com.codahale.metrics.annotation.ResponseMetered) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed)

Aggregations

SessionId (uk.gov.ida.common.SessionId)3 SamlAuthnResponseContainerDto (uk.gov.ida.hub.samlproxy.domain.SamlAuthnResponseContainerDto)3 SamlValidationResponse (uk.gov.ida.saml.core.validation.SamlValidationResponse)3 Timed (com.codahale.metrics.annotation.Timed)2 Consumes (javax.ws.rs.Consumes)2 POST (javax.ws.rs.POST)2 Path (javax.ws.rs.Path)2 Produces (javax.ws.rs.Produces)2 SamlTransformationErrorException (uk.gov.ida.saml.core.validation.SamlTransformationErrorException)2 SamlValidationSpecificationFailure (uk.gov.ida.saml.core.validation.SamlValidationSpecificationFailure)2 ResponseMetered (com.codahale.metrics.annotation.ResponseMetered)1 Response (javax.ws.rs.core.Response)1 QName (javax.xml.namespace.QName)1 Test (org.junit.Test)1 AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)1 SamlAuthnRequestContainerDto (uk.gov.ida.hub.samlproxy.domain.SamlAuthnRequestContainerDto)1 AuthnRequestBuilder.anAuthnRequest (uk.gov.ida.saml.core.test.builders.AuthnRequestBuilder.anAuthnRequest)1 ResponseBuilder.aResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse)1 ResponseBuilder.aValidIdpResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aValidIdpResponse)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial