use of uk.gov.ida.saml.core.test.builders.ResponseBuilder in project verify-hub by alphagov.
the class AuthnResponseFactory method aResponseFromIdpBuilder.
public ResponseBuilder aResponseFromIdpBuilder(String idpEntityId, String ipAddressSeenByIdp, String requestId, DateTime issueInstant, String authnStatementAssertionId, String authnAssertionSubjectPid, String authnAssertionIssuer, String authnAssertionInResponseTo, String mdsStatementAssertionId, String mdsAssertionSubjectPid, String mdsAssertionIssuer, String mdsAssertionInResponseTo, Optional<BasicCredential> basicCredential) throws Exception {
TestCredentialFactory idpSigningCredentialFactory = new TestCredentialFactory(publicSigningCerts.get(idpEntityId), privateSigningKeys.get(idpEntityId));
final Subject mdsAssertionSubject = SubjectBuilder.aSubject().withPersistentId(mdsAssertionSubjectPid).withSubjectConfirmation(SubjectConfirmationBuilder.aSubjectConfirmation().withSubjectConfirmationData(SubjectConfirmationDataBuilder.aSubjectConfirmationData().withInResponseTo(mdsAssertionInResponseTo).build()).build()).build();
final Subject authnAssertionSubject = SubjectBuilder.aSubject().withNameId(buildNameID(authnAssertionSubjectPid)).withSubjectConfirmation(SubjectConfirmationBuilder.aSubjectConfirmation().withSubjectConfirmationData(SubjectConfirmationDataBuilder.aSubjectConfirmationData().withInResponseTo(authnAssertionInResponseTo).build()).build()).build();
final AttributeStatement matchingDatasetAttributeStatement = MatchingDatasetAttributeStatementBuilder_1_1.aMatchingDatasetAttributeStatement_1_1().build();
final Credential encryptingCredential;
if (basicCredential.isPresent()) {
encryptingCredential = basicCredential.get();
} else {
encryptingCredential = hubEncryptionCredentialFactory.getEncryptingCredential();
}
final Credential signingCredential = idpSigningCredentialFactory.getSigningCredential();
final AssertionBuilder mdsAssertion = AssertionBuilder.anAssertion().withId(generateId()).withIssuer(IssuerBuilder.anIssuer().withIssuerId(mdsAssertionIssuer).build()).withSubject(mdsAssertionSubject).withId(mdsStatementAssertionId).addAttributeStatement(matchingDatasetAttributeStatement);
final AssertionBuilder authnAssertion = AssertionBuilder.anAssertion().withId(generateId()).addAttributeStatement(anAttributeStatement().addAttribute(anIPAddress().withValue(ipAddressSeenByIdp).build()).build()).withIssuer(IssuerBuilder.anIssuer().withIssuerId(authnAssertionIssuer).build()).withSubject(authnAssertionSubject).withId(authnStatementAssertionId).withIssueInstant(issueInstant).addAuthnStatement(AuthnStatementBuilder.anAuthnStatement().build());
ResponseBuilder responseBuilder = ResponseBuilder.aResponse().withId(generateId()).withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build()).withSigningCredential(signingCredential).withInResponseTo(requestId).addEncryptedAssertion(mdsAssertion.withSignature(SignatureBuilder.aSignature().withSigningCredential(signingCredential).build()).buildWithEncrypterCredential(encryptingCredential)).addEncryptedAssertion(authnAssertion.withSignature(SignatureBuilder.aSignature().withSigningCredential(signingCredential).build()).buildWithEncrypterCredential(encryptingCredential));
return responseBuilder;
}
use of uk.gov.ida.saml.core.test.builders.ResponseBuilder in project verify-hub by alphagov.
the class AuthnResponseFactory method aFraudResponseFromIdpBuilder.
public ResponseBuilder aFraudResponseFromIdpBuilder(String idpEntityId, String persistentId) throws Exception {
TestCredentialFactory idpSigningCredentialFactory = new TestCredentialFactory(publicSigningCerts.get(idpEntityId), privateSigningKeys.get(idpEntityId));
String requestId = generateId();
final Subject mdsAssertionSubject = SubjectBuilder.aSubject().withPersistentId(persistentId).withSubjectConfirmation(SubjectConfirmationBuilder.aSubjectConfirmation().withSubjectConfirmationData(SubjectConfirmationDataBuilder.aSubjectConfirmationData().withInResponseTo(requestId).build()).build()).build();
final Subject authnAssertionSubject = SubjectBuilder.aSubject().withNameId(buildNameID(persistentId)).withSubjectConfirmation(SubjectConfirmationBuilder.aSubjectConfirmation().withSubjectConfirmationData(SubjectConfirmationDataBuilder.aSubjectConfirmationData().withInResponseTo(requestId).build()).build()).build();
final AttributeStatement matchingDatasetAttributeStatement = MatchingDatasetAttributeStatementBuilder_1_1.aMatchingDatasetAttributeStatement_1_1().build();
final Credential encryptingCredential = hubEncryptionCredentialFactory.getEncryptingCredential();
final Credential signingCredential = idpSigningCredentialFactory.getSigningCredential();
final AssertionBuilder mdsAssertion = AssertionBuilder.anAssertion().withId(generateId()).withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build()).withSubject(mdsAssertionSubject).addAttributeStatement(matchingDatasetAttributeStatement);
final AssertionBuilder authnAssertion = AssertionBuilder.anAssertion().withId(generateId()).addAttributeStatement(anAttributeStatement().addAttribute(IdpFraudEventIdAttributeBuilder.anIdpFraudEventIdAttribute().withValue("a-fraud-event").build()).addAttribute(Gpg45StatusAttributeBuilder.aGpg45StatusAttribute().withValue("IT01").build()).addAttribute(anIPAddress().build()).build()).withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build()).withSubject(authnAssertionSubject).addAuthnStatement(AuthnStatementBuilder.anAuthnStatement().withAuthnContext(AuthnContextBuilder.anAuthnContext().withAuthnContextClassRef(AuthnContextClassRefBuilder.anAuthnContextClassRef().withAuthnContextClasRefValue(IdaAuthnContext.LEVEL_X_AUTHN_CTX).build()).build()).build());
ResponseBuilder responseBuilder = ResponseBuilder.aResponse().withId(generateId()).withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build()).withInResponseTo(requestId).addEncryptedAssertion(mdsAssertion.withSignature(SignatureBuilder.aSignature().withSigningCredential(signingCredential).build()).buildWithEncrypterCredential(encryptingCredential)).addEncryptedAssertion(authnAssertion.withSignature(SignatureBuilder.aSignature().withSigningCredential(signingCredential).build()).buildWithEncrypterCredential(encryptingCredential));
return responseBuilder;
}
Aggregations