Boolean emailVerified) { NameID usernameID = mock(NameID.class); when(usernameID.getValue()).thenReturn(username);
/**
 * Builds an IdP response with assertion signing enabled and checks the subject NameID,
 * the InResponseTo binding of the subject confirmation, the assertion attributes and
 * that a signature element is attached to the assertion.
 *
 * NOTE(review): only the presence of the signature is asserted; nothing in this test
 * validates the signature against a signing credential.
 */
@Test
public void testBuildResponseWithSignedAssertion() throws MessageEncodingException, SAMLException,
        MetadataProviderException, SecurityException, MarshallingException, SignatureException {
    String authId = UUID.randomUUID().toString();
    Authentication uaaAuthentication = samlTestUtils.mockUaaAuthentication(authId);
    SAMLMessageContext messageContext = samlTestUtils.mockSamlMessageContext();

    IdpWebSSOProfileOptions signedOptions = new IdpWebSSOProfileOptions();
    signedOptions.setAssertionsSigned(true);

    profile.buildResponse(uaaAuthentication, messageContext, signedOptions);

    AuthnRequest authnRequest = (AuthnRequest) messageContext.getInboundSAMLMessage();
    Response samlResponse = (Response) messageContext.getOutboundSAMLMessage();
    Assertion firstAssertion = samlResponse.getAssertions().get(0);

    Subject assertedSubject = firstAssertion.getSubject();
    assertEquals("marissa", assertedSubject.getNameID().getValue());

    // The confirmation data must point back at the request that triggered the response.
    SubjectConfirmationData confirmationData =
            assertedSubject.getSubjectConfirmations().get(0).getSubjectConfirmationData();
    assertEquals(authnRequest.getID(), confirmationData.getInResponseTo());

    verifyAssertionAttributes(authId, firstAssertion);
    assertNotNull(firstAssertion.getSignature());
}
/**
 * Builds an unsigned response for an AuthnRequest mocked with the EMAIL NameID format and
 * checks that the subject NameID carries the e-mail address in that format, that the
 * subject confirmation refers back to the request, and that the attributes are as expected.
 */
@Test
public void testBuildResponseForSamlRequestWithEmailAddressNameID() throws MessageEncodingException,
        SAMLException, MetadataProviderException, SecurityException, MarshallingException,
        SignatureException {
    String authId = UUID.randomUUID().toString();
    Authentication uaaAuthentication = samlTestUtils.mockUaaAuthentication(authId);
    SAMLMessageContext messageContext =
            samlTestUtils.mockSamlMessageContext(samlTestUtils.mockAuthnRequest(NameIDType.EMAIL));

    IdpWebSSOProfileOptions unsignedOptions = new IdpWebSSOProfileOptions();
    unsignedOptions.setAssertionsSigned(false);

    profile.buildResponse(uaaAuthentication, messageContext, unsignedOptions);

    AuthnRequest authnRequest = (AuthnRequest) messageContext.getInboundSAMLMessage();
    Response samlResponse = (Response) messageContext.getOutboundSAMLMessage();
    Assertion firstAssertion = samlResponse.getAssertions().get(0);

    Subject assertedSubject = firstAssertion.getSubject();
    assertEquals("marissa@testing.org", assertedSubject.getNameID().getValue());
    assertEquals(NameIDType.EMAIL, assertedSubject.getNameID().getFormat());

    // The confirmation data must point back at the request that triggered the response.
    SubjectConfirmationData confirmationData =
            assertedSubject.getSubjectConfirmations().get(0).getSubjectConfirmationData();
    assertEquals(authnRequest.getID(), confirmationData.getInResponseTo());

    verifyAssertionAttributes(authId, firstAssertion);
}
/**
 * Builds an unsigned response for an AuthnRequest mocked with the PERSISTENT NameID format
 * and checks that the subject NameID value equals the id passed to
 * {@code mockUaaAuthentication}, that the format is PERSISTENT, and that the subject
 * confirmation refers back to the request.
 */
@Test
public void testBuildResponseForSamlRequestWithPersistentNameID() throws Exception {
    String authId = UUID.randomUUID().toString();
    Authentication uaaAuthentication = samlTestUtils.mockUaaAuthentication(authId);
    SAMLMessageContext messageContext =
            samlTestUtils.mockSamlMessageContext(samlTestUtils.mockAuthnRequest(NameIDType.PERSISTENT));

    IdpWebSSOProfileOptions unsignedOptions = new IdpWebSSOProfileOptions();
    unsignedOptions.setAssertionsSigned(false);

    profile.buildResponse(uaaAuthentication, messageContext, unsignedOptions);

    AuthnRequest authnRequest = (AuthnRequest) messageContext.getInboundSAMLMessage();
    Response samlResponse = (Response) messageContext.getOutboundSAMLMessage();
    Assertion firstAssertion = samlResponse.getAssertions().get(0);

    Subject assertedSubject = firstAssertion.getSubject();
    assertEquals(authId, assertedSubject.getNameID().getValue());
    assertEquals(NameIDType.PERSISTENT, assertedSubject.getNameID().getFormat());

    // The confirmation data must point back at the request that triggered the response.
    SubjectConfirmationData confirmationData =
            assertedSubject.getSubjectConfirmations().get(0).getSubjectConfirmationData();
    assertEquals(authnRequest.getID(), confirmationData.getInResponseTo());

    verifyAssertionAttributes(authId, firstAssertion);
}
/**
 * Builds an unsigned response for an AuthnRequest mocked with the UNSPECIFIED NameID format
 * and checks that the subject NameID carries the username in that format and that the
 * subject confirmation refers back to the request.
 */
@Test
public void testBuildResponseForSamlRequestWithUnspecifiedNameID() throws MessageEncodingException,
        SAMLException, MetadataProviderException, SecurityException, MarshallingException,
        SignatureException {
    String authId = UUID.randomUUID().toString();
    Authentication uaaAuthentication = samlTestUtils.mockUaaAuthentication(authId);
    SAMLMessageContext messageContext =
            samlTestUtils.mockSamlMessageContext(samlTestUtils.mockAuthnRequest(NameIDType.UNSPECIFIED));

    IdpWebSSOProfileOptions unsignedOptions = new IdpWebSSOProfileOptions();
    unsignedOptions.setAssertionsSigned(false);

    profile.buildResponse(uaaAuthentication, messageContext, unsignedOptions);

    AuthnRequest authnRequest = (AuthnRequest) messageContext.getInboundSAMLMessage();
    Response samlResponse = (Response) messageContext.getOutboundSAMLMessage();
    Assertion firstAssertion = samlResponse.getAssertions().get(0);

    Subject assertedSubject = firstAssertion.getSubject();
    assertEquals("marissa", assertedSubject.getNameID().getValue());
    assertEquals(NameIDType.UNSPECIFIED, assertedSubject.getNameID().getFormat());

    // The confirmation data must point back at the request that triggered the response.
    SubjectConfirmationData confirmationData =
            assertedSubject.getSubjectConfirmations().get(0).getSubjectConfirmationData();
    assertEquals(authnRequest.getID(), confirmationData.getInResponseTo());

    verifyAssertionAttributes(authId, firstAssertion);
}
/**
 * Builds an unsigned response for the default mocked message context and checks that both
 * the response and the subject confirmation refer back to the request id, and that the
 * subject NameID is the username in the UNSPECIFIED format.
 */
@Test
public void testBuildResponse() throws MessageEncodingException, SAMLException,
        MetadataProviderException, SecurityException, MarshallingException, SignatureException {
    String authId = UUID.randomUUID().toString();
    Authentication uaaAuthentication = samlTestUtils.mockUaaAuthentication(authId);
    SAMLMessageContext messageContext = samlTestUtils.mockSamlMessageContext();

    IdpWebSSOProfileOptions unsignedOptions = new IdpWebSSOProfileOptions();
    unsignedOptions.setAssertionsSigned(false);

    profile.buildResponse(uaaAuthentication, messageContext, unsignedOptions);

    AuthnRequest authnRequest = (AuthnRequest) messageContext.getInboundSAMLMessage();
    Response samlResponse = (Response) messageContext.getOutboundSAMLMessage();

    // Response-level correlation with the request.
    assertEquals(authnRequest.getID(), samlResponse.getInResponseTo());

    Assertion firstAssertion = samlResponse.getAssertions().get(0);
    Subject assertedSubject = firstAssertion.getSubject();
    assertEquals("marissa", assertedSubject.getNameID().getValue());
    assertEquals(NameIDType.UNSPECIFIED, assertedSubject.getNameID().getFormat());

    // Assertion-level correlation with the request.
    SubjectConfirmationData confirmationData =
            assertedSubject.getSubjectConfirmations().get(0).getSubjectConfirmationData();
    assertEquals(authnRequest.getID(), confirmationData.getInResponseTo());

    verifyAssertionAttributes(authId, firstAssertion);
}
/**
 * Returns the NameID value of the wrapped SAML credential as the username.
 * No null check is made on the credential or its NameID.
 */
@Override
public String getUsername() {
    final String nameIdValue = samlCredential.getNameID().getValue();
    return nameIdValue;
}
/**
 * Creates a {@code User} named after the NameID value of the SAML credential and grants it
 * the single authority ROLE_USER. No lookup against a local user store is performed.
 *
 * @param credential the SAML credential produced for the authenticated subject
 * @return a {@code User} whose name is the NameID value
 * @throws UsernameNotFoundException declared by the signature; never thrown by this body
 */
public Object loadUserBySAML(SAMLCredential credential) throws UsernameNotFoundException {
    // This method is meant to map the subject referenced in the SAML assertion to a local
    // account and return a UserDetails object describing it.
    final String nameIdValue = credential.getNameID().getValue();

    // NOTE(review): the NameID value comes from the assertion and is concatenated into the
    // log line unmodified.
    LOG.info(nameIdValue + " is logged in");

    List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
    grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_USER"));

    // A real implementation has to locate the user in its own data store, based on the
    // information in the SAMLCredential, and return an application-specific UserDetails.
    // NOTE(review): "<abc123>" is a fixed placeholder password shared by every user built here.
    return new User(nameIdValue, "<abc123>", true, true, true, true, grantedAuthorities);
}
/**
 * Logs the NameID value of the incoming credential at info level and wraps the credential
 * in a {@code SAMLUserDetails}.
 *
 * @param credential the SAML credential produced for the authenticated subject
 * @return a new {@code SAMLUserDetails} built from the credential
 * @throws UsernameNotFoundException declared by the signature; never thrown by this body
 */
public Object loadUserBySAML(SAMLCredential credential) throws UsernameNotFoundException {
    // The NameID value is taken straight from the assertion; it is passed as a log
    // parameter rather than concatenated into the message.
    final String nameIdValue = credential.getNameID().getValue();
    log.info("Login received for user {}", nameIdValue);
    return new SAMLUserDetails(credential);
}
}
/**
 * Looks up the portal user whose catalog id equals the NameID value of the credential.
 *
 * @param credential the SAML credential produced for the authenticated subject
 * @return the {@code PortalUserDetails} returned by the user service
 * @throws UsernameNotFoundException if the user service returns {@code null} for the id
 */
@Override
public Object loadUserBySAML(SAMLCredential credential) throws UsernameNotFoundException {
    final String catalogId = credential.getNameID().getValue();
    final PortalUserDetails details = userService.getUserDataByUserCatalogId(catalogId);
    if (details != null) {
        return details;
    }
    // Unknown subjects are rejected rather than provisioned on the fly.
    throw new UsernameNotFoundException("User not found ["+catalogId+"]");
}
/**
 * Converts the SAML credential into a {@code SAMLPrincipal} holding the NameID value, the
 * NameID format and the credential's attributes. Attribute values for which
 * {@code SAMLBuilder.getStringValueFromXMLObject} yields an empty Optional are dropped.
 *
 * @param credential the SAML credential produced for the authenticated subject
 * @return the principal built from the credential
 */
@Override
public Principal loadUserBySAML(SAMLCredential credential) {
    // NOTE(review): this logs the whole credential object; what its string form exposes is
    // not visible here, so confirm it does not leak attribute values at debug level.
    LOG.debug("loadUserBySAML {}", credential);

    List<SAMLAttribute> samlAttributes = credential.getAttributes().stream()
        .map(attr -> new SAMLAttribute(
            attr.getName(),
            attr.getAttributeValues().stream()
                .map(SAMLBuilder::getStringValueFromXMLObject)
                .filter(Optional::isPresent)
                .map(Optional::get)
                .collect(toList())))
        .collect(toList());

    NameID subjectNameId = credential.getNameID();
    return new SAMLPrincipal(subjectNameId.getValue(), subjectNameId.getFormat(), samlAttributes);
}
/**
 * Checks that the NameID carries a non-empty value.
 *
 * @param nameID the NameID element to validate; it is dereferenced without a null check
 * @throws ValidationException if {@code DatatypeHelper.isEmpty} reports the value as empty
 */
protected void validateName(NameID nameID) throws ValidationException {
    final String nameValue = nameID.getValue();
    if (!DatatypeHelper.isEmpty(nameValue)) {
        return;
    }
    throw new ValidationException("Name is required");
}
}
/**
 * Retrieves the Name ID from the SAML response. This is normally the name of the
 * authenticated user.
 *
 * <p>The subject and its NameID are dereferenced without null checks, so an assertion
 * that has no subject or no NameID element makes this throw a NullPointerException.
 *
 * @return The Name ID value from the assertion's subject.
 */
public String getNameID() {
    final String nameIdValue = assertion.getSubject().getNameID().getValue();
    return nameIdValue;
}
}
/**
 * {@inheritDoc}
 *
 * <p>Returns the string carried by the subject name identifier of the attribute request:
 * the name identifier of a {@code NameIdentifier}, the value of a {@code NameID}, or
 * {@code null} for any other object, including a missing one.
 */
public String resolve(ShibbolethResolutionContext resolutionContext) throws AttributeResolutionException {
    SAMLObject subjectId = resolutionContext.getAttributeRequestContext().getSubjectNameIdentifier();

    if (subjectId instanceof NameIdentifier) {
        return ((NameIdentifier) subjectId).getNameIdentifier();
    }
    if (subjectId instanceof NameID) {
        return ((NameID) subjectId).getValue();
    }
    // Neither identifier type matched (or the identifier is null): nothing to resolve.
    return null;
}
/**
 * Copies the general facts about a SAML login out of the authentication object: name,
 * principal, NameID value and format, the issuer of the authentication assertion and the
 * instant at which that assertion was issued.
 *
 * @param authentication the authentication whose credentials are a {@code SAMLCredential};
 *        any other credentials type makes the cast below throw a ClassCastException
 */
public General(Authentication authentication){
    SAMLCredential samlCredential = (SAMLCredential) authentication.getCredentials();
    NameID subjectNameId = samlCredential.getNameID();

    // Values supplied by the authentication object itself.
    name = authentication.getName();
    principal = authentication.getPrincipal();

    // Values read from the subject NameID.
    nameId = subjectNameId.getValue();
    nameIdFormat = subjectNameId.getFormat();

    // Values read from the authentication assertion.
    idp = samlCredential.getAuthenticationAssertion().getIssuer().getValue();
    assertionIssueTime = samlCredential.getAuthenticationAssertion().getIssueInstant();
}
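/**
 * Returns the value of the NameID in the assertion's subject.
 *
 * <p>An assertion without a Subject element is rejected with the same exception as one
 * without a NameID, instead of failing with a NullPointerException on the subject
 * dereference.
 *
 * NOTE(review): a NameID element that is present but has a null or empty value is still
 * returned as-is; confirm the caller rejects it.
 *
 * @param assertion the SAML assertion to read the subject from
 * @return the NameID value of the subject
 * @throws IdentityOAuth2Exception if the assertion has no subject or the subject has no NameID
 */
private String getNameIdValue(Assertion assertion) throws IdentityOAuth2Exception {
    // Subject is optional in an assertion, so guard it before reaching for the NameID.
    if (assertion.getSubject() == null || assertion.getSubject().getNameID() == null) {
        throw new IdentityOAuth2Exception("NameID value is null. Cannot proceed");
    }
    return assertion.getSubject().getNameID().getValue();
}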
/**
 * Returns the NameID value of the assertion's subject, or {@code null} when the assertion
 * has no subject or the subject has no NameID.
 */
private static String getSubjectNameIDValue(Assertion assertion) {
    if (assertion.getSubject() == null || assertion.getSubject().getNameID() == null) {
        return null;
    }
    return assertion.getSubject().getNameID().getValue();
}

private static String getSubjectNameIDFormat(Assertion assertion) {
/**
 * Extracts the subject name from the assertion and stores it in the authentication context
 * as a {@code FederatedUser} under the parameter name "Subject".
 *
 * @param assertion the SAML assertion to read the subject NameID from
 * @param context the authentication context that receives the federated user
 * @throws SAML2SSOAuthenticationException if the subject or its NameID is missing, or the
 *         NameID value is blank
 */
protected void processSubject(Assertion assertion, AuthenticationContext context)
        throws SAML2SSOAuthenticationException {
    final boolean hasNameId =
            assertion.getSubject() != null && assertion.getSubject().getNameID() != null;
    final String subjectName = hasNameId ? assertion.getSubject().getNameID().getValue() : null;

    // A missing or blank subject name is rejected before any user object is created.
    if (StringUtils.isBlank(subjectName)) {
        throw new SAML2SSOAuthenticationException("Assertion does not contain the name of the subject");
    }

    context.addParameter("Subject", new FederatedUser(subjectName));
}
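/**
 * Compares two NameIDs field by field: SPProvidedID, value, format, NameQualifier and
 * SPNameQualifier. Evaluation stops at the first field for which {@code differ} reports
 * a difference.
 *
 * <p>The SPProvidedID comparison used to be made twice, at the start and again at the end;
 * the second one could never change the result and has been dropped.
 *
 * @param a the first NameID; dereferenced without a null check
 * @param b the second NameID; dereferenced without a null check
 * @return {@code true} when {@code differ} reports no difference for any of the five fields
 */
private boolean equalsNameID(NameID a, NameID b) {
    return !differ(a.getSPProvidedID(), b.getSPProvidedID())
            && !differ(a.getValue(), b.getValue())
            && !differ(a.getFormat(), b.getFormat())
            && !differ(a.getNameQualifier(), b.getNameQualifier())
            && !differ(a.getSPNameQualifier(), b.getSPNameQualifier());
}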