use of uk.gov.ida.saml.core.transformers.outbound.decorators.ResponseAssertionSigner in project verify-hub by alphagov.
the class SamlMessageSenderApiResourceTest method sendSignedJsonAuthnResponseFromHub_shouldRespondWithNextLocation.
@Test
public void sendSignedJsonAuthnResponseFromHub_shouldRespondWithNextLocation() throws Exception {
SessionId sessionId = SessionId.createNewSessionId();
URI nextLocationUri = URI.create("http://blah");
String requestId = UUID.randomUUID().toString();
ResponseAssertionSigner responseAssertionSigner = new ResponseAssertionSigner(new SignatureFactory(new IdaKeyStoreCredentialRetriever(getKeyStore()), SIGNATURE_ALGORITHM, DIGEST_ALGORITHM));
Function<OutboundResponseFromHub, String> outboundResponseFromHubToStringTransformer = new HubTransformersFactory().getOutboundResponseFromHubToStringTransformer(new HardCodedKeyStore(HUB_ENTITY_ID), getKeyStore(), new IdpHardCodedEntityToEncryptForLocator(), responseAssertionSigner, SIGNATURE_ALGORITHM, DIGEST_ALGORITHM);
OutboundResponseFromHub authnResponseFromHub = anAuthnResponse().withInResponseTo(requestId).withIssuerId(HUB_ENTITY_ID).withTransactionIdaStatus(TransactionIdaStatus.Success).buildOutboundResponseFromHub();
String samlString = outboundResponseFromHubToStringTransformer.apply(authnResponseFromHub);
AuthnResponseFromHubContainerDto authnResponseFromHubContainerDto = new AuthnResponseFromHubContainerDto(samlString, nextLocationUri, com.google.common.base.Optional.absent(), authnResponseFromHub.getId());
policyStubRule.anAuthnResponseFromHubToRp(sessionId, authnResponseFromHubContainerDto);
javax.ws.rs.core.Response response = getResponseFromSamlProxy(Urls.SamlProxyUrls.SEND_RESPONSE_FROM_HUB_API_RESOURCE, sessionId);
assertThat(response.readEntity(SamlMessageSenderHandler.SamlMessage.class).getPostEndpoint()).isEqualTo(nextLocationUri.toASCIIString());
}
Aggregations