Example 1 with IssuerValidator

Use of uk.gov.ida.saml.security.validators.issuer.IssuerValidator in project verify-hub by alphagov.

The class AuthnRequestFromTransactionValidatorTest, method setup.

@BeforeAll
public static void setup() {
    // Duplicate request IDs are remembered for 2 hours; a request's IssueInstant must fall within a 5 minute window.
    SamlDuplicateRequestValidationConfiguration samlDuplicateRequestValidationConfiguration = () -> Duration.hours(2);
    SamlAuthnRequestValidityDurationConfiguration samlAuthnRequestValidityDurationConfiguration = () -> Duration.minutes(5);
    IdExpirationCache idExpirationCache = new ConcurrentMapIdExpirationCache(new ConcurrentHashMap<>());
    // Validator under test: issuer check, duplicate request ID check, IssueInstant freshness check.
    validator = new AuthnRequestFromTransactionValidator(
            new IssuerValidator(),
            new DuplicateAuthnRequestValidator(idExpirationCache, samlDuplicateRequestValidationConfiguration),
            new AuthnRequestIssueInstantValidator(samlAuthnRequestValidityDurationConfiguration));
}
Also used: SamlDuplicateRequestValidationConfiguration (uk.gov.ida.saml.hub.configuration.SamlDuplicateRequestValidationConfiguration), IssuerValidator (uk.gov.ida.saml.security.validators.issuer.IssuerValidator), SamlAuthnRequestValidityDurationConfiguration (uk.gov.ida.saml.hub.configuration.SamlAuthnRequestValidityDurationConfiguration), BeforeAll (org.junit.jupiter.api.BeforeAll)

Example 2 with IssuerValidator

Use of uk.gov.ida.saml.security.validators.issuer.IssuerValidator in project verify-hub by alphagov.

The class HubTransformersFactory, method getResponseToInboundResponseFromMatchingServiceTransformer.

public DecoratedSamlResponseToInboundResponseFromMatchingServiceTransformer getResponseToInboundResponseFromMatchingServiceTransformer(SigningKeyStore signingKeyStore, IdaKeyStore keyStore, String hubEntityId) {
    // Assertion-level checks (issuer, subject, attribute statement, subject confirmation), bound to this hub's entity ID.
    ResponseAssertionsFromMatchingServiceValidator responseAssertionsFromMatchingServiceValidator = new ResponseAssertionsFromMatchingServiceValidator(
            new AssertionValidator(new IssuerValidator(), new AssertionSubjectValidator(), new AssertionAttributeStatementValidator(), new BasicAssertionSubjectConfirmationValidator()), hubEntityId);
    InboundResponseFromMatchingServiceUnmarshaller inboundResponseFromMatchingServiceUnmarshaller = new InboundResponseFromMatchingServiceUnmarshaller(getAssertionToPassthroughAssertionTransformer(), new MatchingServiceIdaStatusUnmarshaller());
    SignatureValidator signatureValidator = getSignatureValidator(signingKeyStore);
    // Response-level validator composed of: encrypted-response structure check, response signature check, assertion decryption, assertion signature check, and the assertion validator built above.
    MatchingServiceResponseValidator matchingServiceResponseValidator = new MatchingServiceResponseValidator(
            new EncryptedResponseFromMatchingServiceValidator(), getSamlResponseSignatureValidator(signatureValidator),
            new AssertionsDecrypters(getSamlResponseAssertionDecrypters(keyStore)), getSamlAssertionsSignatureValidator(signatureValidator),
            responseAssertionsFromMatchingServiceValidator);
    return new DecoratedSamlResponseToInboundResponseFromMatchingServiceTransformer(matchingServiceResponseValidator, inboundResponseFromMatchingServiceUnmarshaller);
}
Also used: AssertionSubjectValidator (uk.gov.ida.saml.core.validators.subject.AssertionSubjectValidator), IssuerValidator (uk.gov.ida.saml.security.validators.issuer.IssuerValidator), AssertionAttributeStatementValidator (uk.gov.ida.saml.core.validation.assertion.AssertionAttributeStatementValidator), DecoratedSamlResponseToInboundResponseFromMatchingServiceTransformer (uk.gov.ida.saml.hub.transformers.inbound.providers.DecoratedSamlResponseToInboundResponseFromMatchingServiceTransformer), AssertionValidator (uk.gov.ida.saml.core.validation.assertion.AssertionValidator), MatchingDatasetAssertionValidator (uk.gov.ida.saml.core.validators.assertion.MatchingDatasetAssertionValidator), AuthnStatementAssertionValidator (uk.gov.ida.saml.core.validators.assertion.AuthnStatementAssertionValidator), IdentityProviderAssertionValidator (uk.gov.ida.saml.core.validation.assertion.IdentityProviderAssertionValidator), BasicAssertionSubjectConfirmationValidator (uk.gov.ida.saml.core.validation.subjectconfirmation.BasicAssertionSubjectConfirmationValidator), MatchingServiceResponseValidator (uk.gov.ida.saml.hub.validators.response.matchingservice.MatchingServiceResponseValidator), MatchingServiceIdaStatusUnmarshaller (uk.gov.ida.saml.hub.transformers.inbound.MatchingServiceIdaStatusUnmarshaller), ResponseAssertionsFromMatchingServiceValidator (uk.gov.ida.saml.hub.validators.response.matchingservice.ResponseAssertionsFromMatchingServiceValidator), AssertionsDecrypters (uk.gov.ida.saml.core.security.AssertionsDecrypters), InboundResponseFromMatchingServiceUnmarshaller (uk.gov.ida.saml.hub.transformers.inbound.InboundResponseFromMatchingServiceUnmarshaller), EncryptedResponseFromMatchingServiceValidator (uk.gov.ida.saml.hub.validators.response.matchingservice.EncryptedResponseFromMatchingServiceValidator), SamlMessageSignatureValidator (uk.gov.ida.saml.security.SamlMessageSignatureValidator), SamlAssertionsSignatureValidator (uk.gov.ida.saml.security.SamlAssertionsSignatureValidator), SignatureValidator (uk.gov.ida.saml.security.SignatureValidator), SamlResponseSignatureValidator (uk.gov.ida.saml.security.validators.signature.SamlResponseSignatureValidator)

Example 3 with IssuerValidator

Use of uk.gov.ida.saml.security.validators.issuer.IssuerValidator in project verify-hub by alphagov.

The class HubTransformersFactory, method getAuthnRequestToAuthnRequestFromTransactionTransformer.

public AuthnRequestToIdaRequestFromRelyingPartyTransformer getAuthnRequestToAuthnRequestFromTransactionTransformer(final URI expectedDestinationHost, final SigningKeyStore signingKeyStore, final IdaKeyStore decryptionKeyStore, final IdExpirationCache duplicateIds, final SamlDuplicateRequestValidationConfiguration samlDuplicateRequestValidationConfiguration, final SamlAuthnRequestValidityDurationConfiguration samlAuthnRequestValidityDurationConfiguration) {
    List<Credential> credential = new IdaKeyStoreCredentialRetriever(decryptionKeyStore).getDecryptingCredentials();
    Decrypter decrypter = decrypterFactory.createDecrypter(credential);
    // Inbound AuthnRequest pipeline composed of: unmarshalling (with decryption), request signature validation,
    // Destination check against the expected SSO endpoint, and issuer / duplicate request ID / IssueInstant validation.
    return new AuthnRequestToIdaRequestFromRelyingPartyTransformer(new AuthnRequestFromRelyingPartyUnmarshaller(decrypter),
            coreTransformersFactory.getSamlRequestSignatureValidator(signingKeyStore),
            new DestinationValidator(expectedDestinationHost, Endpoints.SSO_REQUEST_ENDPOINT),
            new AuthnRequestFromTransactionValidator(new IssuerValidator(), new DuplicateAuthnRequestValidator(duplicateIds, samlDuplicateRequestValidationConfiguration), new AuthnRequestIssueInstantValidator(samlAuthnRequestValidityDurationConfiguration)));
}
Also used: Credential (org.opensaml.security.credential.Credential), IdaKeyStoreCredentialRetriever (uk.gov.ida.saml.security.IdaKeyStoreCredentialRetriever), IssuerValidator (uk.gov.ida.saml.security.validators.issuer.IssuerValidator), AuthnRequestFromRelyingPartyUnmarshaller (uk.gov.ida.saml.hub.transformers.inbound.AuthnRequestFromRelyingPartyUnmarshaller), DuplicateAuthnRequestValidator (uk.gov.ida.saml.hub.validators.authnrequest.DuplicateAuthnRequestValidator), Decrypter (org.opensaml.saml.saml2.encryption.Decrypter), AssertionDecrypter (uk.gov.ida.saml.security.AssertionDecrypter), AuthnRequestToIdaRequestFromRelyingPartyTransformer (uk.gov.ida.saml.hub.transformers.inbound.AuthnRequestToIdaRequestFromRelyingPartyTransformer), AuthnRequestIssueInstantValidator (uk.gov.ida.saml.hub.validators.authnrequest.AuthnRequestIssueInstantValidator), AuthnRequestFromTransactionValidator (uk.gov.ida.saml.hub.validators.authnrequest.AuthnRequestFromTransactionValidator), DestinationValidator (uk.gov.ida.saml.core.validators.DestinationValidator)

Aggregations

IssuerValidator (uk.gov.ida.saml.security.validators.issuer.IssuerValidator) 3
BeforeAll (org.junit.jupiter.api.BeforeAll) 1
Decrypter (org.opensaml.saml.saml2.encryption.Decrypter) 1
Credential (org.opensaml.security.credential.Credential) 1
AssertionsDecrypters (uk.gov.ida.saml.core.security.AssertionsDecrypters) 1
AssertionAttributeStatementValidator (uk.gov.ida.saml.core.validation.assertion.AssertionAttributeStatementValidator) 1
AssertionValidator (uk.gov.ida.saml.core.validation.assertion.AssertionValidator) 1
IdentityProviderAssertionValidator (uk.gov.ida.saml.core.validation.assertion.IdentityProviderAssertionValidator) 1
BasicAssertionSubjectConfirmationValidator (uk.gov.ida.saml.core.validation.subjectconfirmation.BasicAssertionSubjectConfirmationValidator) 1
DestinationValidator (uk.gov.ida.saml.core.validators.DestinationValidator) 1
AuthnStatementAssertionValidator (uk.gov.ida.saml.core.validators.assertion.AuthnStatementAssertionValidator) 1
MatchingDatasetAssertionValidator (uk.gov.ida.saml.core.validators.assertion.MatchingDatasetAssertionValidator) 1
AssertionSubjectValidator (uk.gov.ida.saml.core.validators.subject.AssertionSubjectValidator) 1
SamlAuthnRequestValidityDurationConfiguration (uk.gov.ida.saml.hub.configuration.SamlAuthnRequestValidityDurationConfiguration) 1
SamlDuplicateRequestValidationConfiguration (uk.gov.ida.saml.hub.configuration.SamlDuplicateRequestValidationConfiguration) 1
AuthnRequestFromRelyingPartyUnmarshaller (uk.gov.ida.saml.hub.transformers.inbound.AuthnRequestFromRelyingPartyUnmarshaller) 1
AuthnRequestToIdaRequestFromRelyingPartyTransformer (uk.gov.ida.saml.hub.transformers.inbound.AuthnRequestToIdaRequestFromRelyingPartyTransformer) 1
InboundResponseFromMatchingServiceUnmarshaller (uk.gov.ida.saml.hub.transformers.inbound.InboundResponseFromMatchingServiceUnmarshaller) 1
MatchingServiceIdaStatusUnmarshaller (uk.gov.ida.saml.hub.transformers.inbound.MatchingServiceIdaStatusUnmarshaller) 1
DecoratedSamlResponseToInboundResponseFromMatchingServiceTransformer (uk.gov.ida.saml.hub.transformers.inbound.providers.DecoratedSamlResponseToInboundResponseFromMatchingServiceTransformer) 1