
Example 1 with AuthnContext

Use of uk.gov.ida.saml.core.domain.AuthnContext in project verify-hub by alphagov.

Class MatchingServiceResponseTranslatorService, method translate.

public InboundResponseFromMatchingServiceDto translate(SamlResponseDto samlResponseDto) {
    final Response response = responseUnmarshaller.apply(samlResponseDto.getSamlResponse());
    MdcHelper.addContextToMdc(response);
    final InboundResponseFromMatchingService responseFromMatchingService = responseToInboundResponseFromMatchingServiceTransformer.transform(response);
    Optional<String> assertionBlob = Optional.empty();
    Optional<LevelOfAssurance> levelOfAssurance = Optional.empty();
    // FIXME?: transformer can return null
    if (responseFromMatchingService.getMatchingServiceAssertion() != null && responseFromMatchingService.getMatchingServiceAssertion().isPresent()) {
        assertionBlob = Optional.ofNullable(responseFromMatchingService.getMatchingServiceAssertion().get().getUnderlyingAssertionBlob());
        final Optional<AuthnContext> authnContext = responseFromMatchingService.getMatchingServiceAssertion().get().getAuthnContext();
        if (authnContext.isPresent()) {
            levelOfAssurance = Optional.of(LevelOfAssurance.valueOf(authnContext.get().name()));
        }
    }
    final InboundResponseFromMatchingServiceDto inboundResponseFromMatchingServiceDto = new InboundResponseFromMatchingServiceDto(responseFromMatchingService.getStatus(), responseFromMatchingService.getInResponseTo(), responseFromMatchingService.getIssuer(), assertionBlob, levelOfAssurance);
    return inboundResponseFromMatchingServiceDto;
}
Also used : Response(org.opensaml.saml.saml2.core.Response) LevelOfAssurance(uk.gov.ida.hub.samlengine.domain.LevelOfAssurance) InboundResponseFromMatchingServiceDto(uk.gov.ida.hub.samlengine.contracts.InboundResponseFromMatchingServiceDto) InboundResponseFromMatchingService(uk.gov.ida.saml.hub.domain.InboundResponseFromMatchingService) AuthnContext(uk.gov.ida.saml.core.domain.AuthnContext)

Example 2 with AuthnContext

Use of uk.gov.ida.saml.core.domain.AuthnContext in project verify-hub by alphagov.

Class MatchingServiceResponseTranslatorServiceTest, method populateReturnDtoCorrectly_handleMatchResponse.

@Test
public void populateReturnDtoCorrectly_handleMatchResponse() {
    final String inResponseTo = "inResponseTo";
    final String issuer = "issuer";
    final Optional<AuthnContext> authnContext = Optional.of(AuthnContext.LEVEL_2);
    final Optional<FraudDetectedDetails> fraudDetectedDetails = Optional.empty();
    final String underlyingAssertionBlob = "underlyingAssertionBlob";
    final MatchingServiceIdaStatus status = MatchingServiceIdaStatus.MatchingServiceMatch;
    final SamlResponseDto samlResponse = new SamlResponseDto("saml");
    setUpForTranslate(authnContext, fraudDetectedDetails, underlyingAssertionBlob, inResponseTo, issuer, samlResponse.getSamlResponse(), status);
    final InboundResponseFromMatchingServiceDto inboundResponseFromMatchingServiceDto = matchingServiceResponseTranslatorService.translate(samlResponse);
    assertThat(inboundResponseFromMatchingServiceDto.getInResponseTo()).isEqualTo(inResponseTo);
    assertThat(inboundResponseFromMatchingServiceDto.getUnderlyingMatchingServiceAssertionBlob().isPresent()).isTrue();
    assertThat(inboundResponseFromMatchingServiceDto.getUnderlyingMatchingServiceAssertionBlob().get()).isEqualTo(underlyingAssertionBlob);
    assertThat(inboundResponseFromMatchingServiceDto.getIssuer()).isEqualTo(issuer);
    assertThat(inboundResponseFromMatchingServiceDto.getLevelOfAssurance().isPresent()).isTrue();
    assertThat(inboundResponseFromMatchingServiceDto.getLevelOfAssurance().get().name()).isEqualTo(authnContext.get().name());
    assertThat(inboundResponseFromMatchingServiceDto.getStatus()).isEqualTo(status);
}
Also used : SamlResponseDto(uk.gov.ida.hub.samlengine.domain.SamlResponseDto) FraudDetectedDetails(uk.gov.ida.saml.core.domain.FraudDetectedDetails) InboundResponseFromMatchingServiceDto(uk.gov.ida.hub.samlengine.contracts.InboundResponseFromMatchingServiceDto) AuthnContext(uk.gov.ida.saml.core.domain.AuthnContext) MatchingServiceIdaStatus(uk.gov.ida.saml.hub.transformers.inbound.MatchingServiceIdaStatus) Test(org.junit.Test)

Example 3 with AuthnContext

Use of uk.gov.ida.saml.core.domain.AuthnContext in project verify-hub by alphagov.

Class MatchingServiceResponseTranslatorServiceTest, method populateReturnDtoCorrectly_handleRequesterError.

@Test
public void populateReturnDtoCorrectly_handleRequesterError() {
    final String inResponseTo = "inResponseTo";
    final String issuer = "issuer";
    final Optional<AuthnContext> authnContext = Optional.empty();
    final Optional<FraudDetectedDetails> fraudDetectedDetails = Optional.empty();
    final String underlyingAssertionBlob = null;
    final MatchingServiceIdaStatus status = MatchingServiceIdaStatus.RequesterError;
    final SamlResponseDto samlResponse = new SamlResponseDto("saml");
    setUpForTranslate(authnContext, fraudDetectedDetails, underlyingAssertionBlob, inResponseTo, issuer, samlResponse.getSamlResponse(), status);
    final InboundResponseFromMatchingServiceDto inboundResponseFromMatchingServiceDto = matchingServiceResponseTranslatorService.translate(samlResponse);
    assertThat(inboundResponseFromMatchingServiceDto.getInResponseTo()).isEqualTo(inResponseTo);
    assertThat(inboundResponseFromMatchingServiceDto.getUnderlyingMatchingServiceAssertionBlob().isPresent()).isFalse();
    assertThat(inboundResponseFromMatchingServiceDto.getIssuer()).isEqualTo(issuer);
    assertThat(inboundResponseFromMatchingServiceDto.getLevelOfAssurance().isPresent()).isFalse();
    assertThat(inboundResponseFromMatchingServiceDto.getStatus()).isEqualTo(status);
}
Also used : SamlResponseDto(uk.gov.ida.hub.samlengine.domain.SamlResponseDto) FraudDetectedDetails(uk.gov.ida.saml.core.domain.FraudDetectedDetails) InboundResponseFromMatchingServiceDto(uk.gov.ida.hub.samlengine.contracts.InboundResponseFromMatchingServiceDto) AuthnContext(uk.gov.ida.saml.core.domain.AuthnContext) MatchingServiceIdaStatus(uk.gov.ida.saml.hub.transformers.inbound.MatchingServiceIdaStatus) Test(org.junit.Test)

Example 4 with AuthnContext

Use of uk.gov.ida.saml.core.domain.AuthnContext in project verify-hub by alphagov.

Class CountryAuthnResponseTranslatorService, method toModel.

private InboundResponseFromCountry toModel(ValidatedResponse response, Optional<Assertion> validatedIdentityAssertionOptional, String matchingServiceEntityId) {
    Optional<PassthroughAssertion> passthroughAssertion = validatedIdentityAssertionOptional.map(validatedIdentityAssertion -> passthroughAssertionUnmarshaller.fromAssertion(validatedIdentityAssertion, true));
    Optional<LevelOfAssurance> levelOfAssurance = passthroughAssertion.flatMap(assertion -> assertion.getAuthnContext()).map(AuthnContext::name)
            .filter(string -> !isNullOrEmpty(string)).map(LevelOfAssurance::valueOf);
    IdpIdaStatus status = statusUnmarshaller.fromSaml(response.getStatus());
    return new InboundResponseFromCountry(response.getIssuer().getValue(),
            validatedIdentityAssertionOptional.map(Assertion::getSubject).map(Subject::getNameID).map(NameID::getValue),
            Optional.ofNullable(status).map(IdpIdaStatus::getStatusCode).map(IdpIdaStatus.Status::name),
            status.getMessage(),
            passthroughAssertion.map(assertion -> assertionBlobEncrypter.encryptAssertionBlob(matchingServiceEntityId, assertion.getUnderlyingAssertionBlob())),
            levelOfAssurance);
}
Also used : LevelOfAssurance(uk.gov.ida.hub.samlengine.domain.LevelOfAssurance) StringToOpenSamlObjectTransformer(uk.gov.ida.saml.deserializers.StringToOpenSamlObjectTransformer) Strings.isNullOrEmpty(com.google.common.base.Strings.isNullOrEmpty) Subject(org.opensaml.saml.saml2.core.Subject) IdpIdaStatusUnmarshaller(uk.gov.ida.saml.hub.transformers.inbound.IdpIdaStatusUnmarshaller) ValidatedResponse(uk.gov.ida.saml.security.validators.ValidatedResponse) MdcHelper(uk.gov.ida.hub.samlengine.logging.MdcHelper) ResponseFromCountryValidator(uk.gov.ida.hub.samlengine.validation.country.ResponseFromCountryValidator) SamlResponseSignatureValidator(uk.gov.ida.saml.security.validators.signature.SamlResponseSignatureValidator) Inject(javax.inject.Inject) Assertion(org.opensaml.saml.saml2.core.Assertion) AssertionBlobEncrypter(uk.gov.ida.saml.core.transformers.outbound.decorators.AssertionBlobEncrypter) IDPSSODescriptor(org.opensaml.saml.saml2.metadata.IDPSSODescriptor) AuthnContext(uk.gov.ida.saml.core.domain.AuthnContext) ResponseAssertionsFromCountryValidator(uk.gov.ida.hub.samlengine.validation.country.ResponseAssertionsFromCountryValidator) Response(org.opensaml.saml.saml2.core.Response) PassthroughAssertionUnmarshaller(uk.gov.ida.saml.hub.transformers.inbound.PassthroughAssertionUnmarshaller) AssertionDecrypter(uk.gov.ida.saml.security.AssertionDecrypter) SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.samlengine.contracts.SamlAuthnResponseTranslatorDto) InboundResponseFromCountry(uk.gov.ida.hub.samlengine.domain.InboundResponseFromCountry) List(java.util.List) PassthroughAssertion(uk.gov.ida.saml.core.domain.PassthroughAssertion) DestinationValidator(uk.gov.ida.saml.core.validators.DestinationValidator) Optional(java.util.Optional) IdpIdaStatus(uk.gov.ida.saml.hub.domain.IdpIdaStatus) NameID(org.opensaml.saml.saml2.core.NameID) SamlAssertionsSignatureValidator(uk.gov.ida.saml.security.SamlAssertionsSignatureValidator)

Example 5 with AuthnContext

Use of uk.gov.ida.saml.core.domain.AuthnContext in project verify-hub by alphagov.

Class IdpAuthnResponseTranslatorServiceTest, method shouldExtractLevelOfAssurance.

@Test
public void shouldExtractLevelOfAssurance() {
    AuthnContext authnContext = AuthnContext.LEVEL_1;
    when(authStatementAssertion.getAuthnContext()).thenReturn(Optional.of(authnContext));
    when(responseFromIdp.getAuthnStatementAssertion()).thenReturn(of(authStatementAssertion));
    InboundResponseFromIdpDto result = translateAndCheckCommonFields();
    checkAuthnStatementValues(result);
    assertThat(result.getLevelOfAssurance().get().name()).isEqualTo(authnContext.name());
}
Also used : InboundResponseFromIdpDto(uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto) AuthnContext(uk.gov.ida.saml.core.domain.AuthnContext) Test(org.junit.Test)
