
Example 1 with PassthroughAssertion

Use of uk.gov.ida.saml.core.domain.PassthroughAssertion in project verify-hub by alphagov.

In the class CountryAuthnResponseTranslatorService, method toModel.

private InboundResponseFromCountry toModel(ValidatedResponse response, Optional<Assertion> validatedIdentityAssertionOptional, String matchingServiceEntityId) {
    Optional<PassthroughAssertion> passthroughAssertion = validatedIdentityAssertionOptional.map(validatedIdentityAssertion -> passthroughAssertionUnmarshaller.fromAssertion(validatedIdentityAssertion, true));
    Optional<LevelOfAssurance> levelOfAssurance = passthroughAssertion.flatMap(assertion -> assertion.getAuthnContext()).map(AuthnContext::name).filter(string -> !isNullOrEmpty(string)).map(LevelOfAssurance::valueOf);
    IdpIdaStatus status = statusUnmarshaller.fromSaml(response.getStatus());
    return new InboundResponseFromCountry(response.getIssuer().getValue(), validatedIdentityAssertionOptional.map(Assertion::getSubject).map(Subject::getNameID).map(NameID::getValue), Optional.ofNullable(status).map(IdpIdaStatus::getStatusCode).map(IdpIdaStatus.Status::name), status.getMessage(), passthroughAssertion.map(assertion -> assertionBlobEncrypter.encryptAssertionBlob(matchingServiceEntityId, assertion.getUnderlyingAssertionBlob())), levelOfAssurance);
}
Also used : LevelOfAssurance(uk.gov.ida.hub.samlengine.domain.LevelOfAssurance) StringToOpenSamlObjectTransformer(uk.gov.ida.saml.deserializers.StringToOpenSamlObjectTransformer) Strings.isNullOrEmpty(com.google.common.base.Strings.isNullOrEmpty) Subject(org.opensaml.saml.saml2.core.Subject) IdpIdaStatusUnmarshaller(uk.gov.ida.saml.hub.transformers.inbound.IdpIdaStatusUnmarshaller) ValidatedResponse(uk.gov.ida.saml.security.validators.ValidatedResponse) MdcHelper(uk.gov.ida.hub.samlengine.logging.MdcHelper) ResponseFromCountryValidator(uk.gov.ida.hub.samlengine.validation.country.ResponseFromCountryValidator) SamlResponseSignatureValidator(uk.gov.ida.saml.security.validators.signature.SamlResponseSignatureValidator) Inject(javax.inject.Inject) Assertion(org.opensaml.saml.saml2.core.Assertion) AssertionBlobEncrypter(uk.gov.ida.saml.core.transformers.outbound.decorators.AssertionBlobEncrypter) IDPSSODescriptor(org.opensaml.saml.saml2.metadata.IDPSSODescriptor) AuthnContext(uk.gov.ida.saml.core.domain.AuthnContext) ResponseAssertionsFromCountryValidator(uk.gov.ida.hub.samlengine.validation.country.ResponseAssertionsFromCountryValidator) Response(org.opensaml.saml.saml2.core.Response) PassthroughAssertionUnmarshaller(uk.gov.ida.saml.hub.transformers.inbound.PassthroughAssertionUnmarshaller) AssertionDecrypter(uk.gov.ida.saml.security.AssertionDecrypter) SamlAuthnResponseTranslatorDto(uk.gov.ida.hub.samlengine.contracts.SamlAuthnResponseTranslatorDto) InboundResponseFromCountry(uk.gov.ida.hub.samlengine.domain.InboundResponseFromCountry) List(java.util.List) PassthroughAssertion(uk.gov.ida.saml.core.domain.PassthroughAssertion) DestinationValidator(uk.gov.ida.saml.core.validators.DestinationValidator) Optional(java.util.Optional) IdpIdaStatus(uk.gov.ida.saml.hub.domain.IdpIdaStatus) NameID(org.opensaml.saml.saml2.core.NameID) SamlAssertionsSignatureValidator(uk.gov.ida.saml.security.SamlAssertionsSignatureValidator)

Example 2 with PassthroughAssertion

Use of uk.gov.ida.saml.core.domain.PassthroughAssertion in project verify-hub by alphagov.

In the class IdpAuthnResponseTranslatorServiceTest, method shouldEncryptMatchingDatasetAssertion.

@Test
public void shouldEncryptMatchingDatasetAssertion() throws Exception {
    PassthroughAssertion assertion = Mockito.mock(PassthroughAssertion.class);
    when(assertion.getUnderlyingAssertionBlob()).thenReturn(matchingDatasetUnderlyingAssertionBlob);
    when(responseFromIdp.getMatchingDatasetAssertion()).thenReturn(of(assertion));
    String expectedEncryptedBlob = "some-value";
    final String entityId = "entity-id";
    when(responseContainer.getMatchingServiceEntityId()).thenReturn(entityId);
    when(assertionBlobEncrypter.encryptAssertionBlob(entityId, matchingDatasetUnderlyingAssertionBlob)).thenReturn(expectedEncryptedBlob);
    InboundResponseFromIdpDto result = translateAndCheckCommonFields();
    assertThat(result.getEncryptedMatchingDatasetAssertion().get()).isEqualTo(expectedEncryptedBlob);
}
Also used : InboundResponseFromIdpDto(uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto) PassthroughAssertion(uk.gov.ida.saml.core.domain.PassthroughAssertion) Test(org.junit.Test)

Example 3 with PassthroughAssertion

Use of uk.gov.ida.saml.core.domain.PassthroughAssertion in project verify-hub by alphagov.

In the class MatchingServiceResponseTranslatorServiceTest, method setUpForTranslate.

private void setUpForTranslate(Optional<AuthnContext> authnContext, Optional<FraudDetectedDetails> fraudDetectedDetails, String underlyingAssertionBlob, String inResponseTo, String issuer, String samlResponse, MatchingServiceIdaStatus status) {
    final PassthroughAssertion assertion = new PassthroughAssertion(new PersistentId("persistentId"), authnContext, underlyingAssertionBlob, fraudDetectedDetails, Optional.of("principalIpAddressAsSeenByIdp"));
    final InboundResponseFromMatchingService inboundResponseFromMatchingService = InboundResponseFromMatchingServiceBuilder.anInboundResponseFromMatchingService().withInResponseTo(inResponseTo).withIssuerId(issuer).withMatchingServiceAssertion(assertion).withStatus(status).build();
    Response response = mock(Response.class);
    Issuer responseIssuer = mock(Issuer.class);
    when(response.getIssuer()).thenReturn(responseIssuer);
    when(responseUnmarshaller.apply(samlResponse)).thenReturn(response);
    when(responseToInboundResponseFromMatchingServiceTransformer.transform(response)).thenReturn(inboundResponseFromMatchingService);
}
Also used : Response(org.opensaml.saml.saml2.core.Response) PassthroughAssertion(uk.gov.ida.saml.core.domain.PassthroughAssertion) Issuer(org.opensaml.saml.saml2.core.Issuer) PersistentId(uk.gov.ida.saml.core.domain.PersistentId) InboundResponseFromMatchingService(uk.gov.ida.saml.hub.domain.InboundResponseFromMatchingService)

Aggregations

PassthroughAssertion (uk.gov.ida.saml.core.domain.PassthroughAssertion): 3
Response (org.opensaml.saml.saml2.core.Response): 2
Strings.isNullOrEmpty (com.google.common.base.Strings.isNullOrEmpty): 1
List (java.util.List): 1
Optional (java.util.Optional): 1
Inject (javax.inject.Inject): 1
Test (org.junit.Test): 1
Assertion (org.opensaml.saml.saml2.core.Assertion): 1
Issuer (org.opensaml.saml.saml2.core.Issuer): 1
NameID (org.opensaml.saml.saml2.core.NameID): 1
Subject (org.opensaml.saml.saml2.core.Subject): 1
IDPSSODescriptor (org.opensaml.saml.saml2.metadata.IDPSSODescriptor): 1
SamlAuthnResponseTranslatorDto (uk.gov.ida.hub.samlengine.contracts.SamlAuthnResponseTranslatorDto): 1
InboundResponseFromCountry (uk.gov.ida.hub.samlengine.domain.InboundResponseFromCountry): 1
InboundResponseFromIdpDto (uk.gov.ida.hub.samlengine.domain.InboundResponseFromIdpDto): 1
LevelOfAssurance (uk.gov.ida.hub.samlengine.domain.LevelOfAssurance): 1
MdcHelper (uk.gov.ida.hub.samlengine.logging.MdcHelper): 1
ResponseAssertionsFromCountryValidator (uk.gov.ida.hub.samlengine.validation.country.ResponseAssertionsFromCountryValidator): 1
ResponseFromCountryValidator (uk.gov.ida.hub.samlengine.validation.country.ResponseFromCountryValidator): 1
AuthnContext (uk.gov.ida.saml.core.domain.AuthnContext): 1