Search in sources :

Example 1 with ResponseAssertionSigner

use of uk.gov.ida.saml.core.transformers.outbound.decorators.ResponseAssertionSigner in project verify-hub by alphagov.

the class SamlMessageSenderApiResourceTest method sendSignedJsonAuthnResponseFromHub_shouldRespondWithNextLocation.

@Test
public void sendSignedJsonAuthnResponseFromHub_shouldRespondWithNextLocation() throws Exception {
    SessionId sessionId = SessionId.createNewSessionId();
    URI nextLocationUri = URI.create("http://blah");
    String requestId = UUID.randomUUID().toString();
    ResponseAssertionSigner responseAssertionSigner = new ResponseAssertionSigner(new SignatureFactory(new IdaKeyStoreCredentialRetriever(getKeyStore()), SIGNATURE_ALGORITHM, DIGEST_ALGORITHM));
    Function<OutboundResponseFromHub, String> outboundResponseFromHubToStringTransformer = new HubTransformersFactory().getOutboundResponseFromHubToStringTransformer(new HardCodedKeyStore(HUB_ENTITY_ID), getKeyStore(), new IdpHardCodedEntityToEncryptForLocator(), responseAssertionSigner, SIGNATURE_ALGORITHM, DIGEST_ALGORITHM);
    OutboundResponseFromHub authnResponseFromHub = anAuthnResponse().withInResponseTo(requestId).withIssuerId(HUB_ENTITY_ID).withTransactionIdaStatus(TransactionIdaStatus.Success).buildOutboundResponseFromHub();
    String samlString = outboundResponseFromHubToStringTransformer.apply(authnResponseFromHub);
    AuthnResponseFromHubContainerDto authnResponseFromHubContainerDto = new AuthnResponseFromHubContainerDto(samlString, nextLocationUri, com.google.common.base.Optional.absent(), authnResponseFromHub.getId());
    policyStubRule.anAuthnResponseFromHubToRp(sessionId, authnResponseFromHubContainerDto);
    javax.ws.rs.core.Response response = getResponseFromSamlProxy(Urls.SamlProxyUrls.SEND_RESPONSE_FROM_HUB_API_RESOURCE, sessionId);
    assertThat(response.readEntity(SamlMessageSenderHandler.SamlMessage.class).getPostEndpoint()).isEqualTo(nextLocationUri.toASCIIString());
}
Also used : HubTransformersFactory(uk.gov.ida.saml.hub.api.HubTransformersFactory) HardCodedKeyStore(uk.gov.ida.saml.core.test.HardCodedKeyStore) AuthnResponseFromHubContainerDto(uk.gov.ida.hub.samlproxy.contracts.AuthnResponseFromHubContainerDto) URI(java.net.URI) ResponseAssertionSigner(uk.gov.ida.saml.core.transformers.outbound.decorators.ResponseAssertionSigner) IdaKeyStoreCredentialRetriever(uk.gov.ida.saml.security.IdaKeyStoreCredentialRetriever) OutboundResponseFromHub(uk.gov.ida.saml.core.domain.OutboundResponseFromHub) Response(javax.ws.rs.core.Response) SignatureFactory(uk.gov.ida.saml.security.SignatureFactory) SessionId(uk.gov.ida.common.SessionId) Test(org.junit.Test)

Aggregations

URI (java.net.URI)1 Response (javax.ws.rs.core.Response)1 Test (org.junit.Test)1 SessionId (uk.gov.ida.common.SessionId)1 AuthnResponseFromHubContainerDto (uk.gov.ida.hub.samlproxy.contracts.AuthnResponseFromHubContainerDto)1 OutboundResponseFromHub (uk.gov.ida.saml.core.domain.OutboundResponseFromHub)1 HardCodedKeyStore (uk.gov.ida.saml.core.test.HardCodedKeyStore)1 ResponseAssertionSigner (uk.gov.ida.saml.core.transformers.outbound.decorators.ResponseAssertionSigner)1 HubTransformersFactory (uk.gov.ida.saml.hub.api.HubTransformersFactory)1 IdaKeyStoreCredentialRetriever (uk.gov.ida.saml.security.IdaKeyStoreCredentialRetriever)1 SignatureFactory (uk.gov.ida.saml.security.SignatureFactory)1