Josh Cummings
parent
440e89095f
commit
b4dbcd6b2d
|
|
@ -0,0 +1,87 @@
|
|||
/*
|
||||
* Copyright 2002-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.saml2.provider.service.registration;
|
||||
|
||||
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
|
||||
|
||||
/**
|
||||
* A {@link RelyingPartyRegistration.AssertingPartyDetails} that contains
|
||||
* OpenSAML-specific members
|
||||
*
|
||||
* @author Josh Cummings
|
||||
* @since 5.7
|
||||
*/
|
||||
public final class OpenSamlAssertingPartyDetails extends RelyingPartyRegistration.AssertingPartyDetails {
|
||||
|
||||
private final EntityDescriptor descriptor;
|
||||
|
||||
OpenSamlAssertingPartyDetails(RelyingPartyRegistration.AssertingPartyDetails details, EntityDescriptor descriptor) {
|
||||
super(details.getEntityId(), details.getWantAuthnRequestsSigned(), details.getSigningAlgorithms(),
|
||||
details.getVerificationX509Credentials(), details.getEncryptionX509Credentials(),
|
||||
details.getSingleSignOnServiceLocation(), details.getSingleSignOnServiceBinding(),
|
||||
details.getSingleLogoutServiceLocation(), details.getSingleLogoutServiceResponseLocation(),
|
||||
details.getSingleLogoutServiceBinding());
|
||||
this.descriptor = descriptor;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the {@link EntityDescriptor} that underlies this
|
||||
* {@link org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails}
|
||||
* @return the {@link EntityDescriptor}
|
||||
*/
|
||||
public EntityDescriptor getEntityDescriptor() {
|
||||
return this.descriptor;
|
||||
}
|
||||
|
||||
/**
|
||||
* Use this {@link EntityDescriptor} to begin building an
|
||||
* {@link org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails}
|
||||
* @param entity the {@link EntityDescriptor} to use
|
||||
* @return the
|
||||
* {@link org.springframework.security.saml2.provider.service.registration.OpenSamlAssertingPartyDetails.Builder}
|
||||
* for further configurations
|
||||
*/
|
||||
public static OpenSamlAssertingPartyDetails.Builder withEntityDescriptor(EntityDescriptor entity) {
|
||||
return new OpenSamlAssertingPartyDetails.Builder(entity);
|
||||
}
|
||||
|
||||
/**
|
||||
* An OpenSAML version of
|
||||
* {@link org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder}
|
||||
* that contains the underlying {@link EntityDescriptor}
|
||||
*/
|
||||
public static final class Builder extends RelyingPartyRegistration.AssertingPartyDetails.Builder {
|
||||
|
||||
private final EntityDescriptor descriptor;
|
||||
|
||||
private Builder(EntityDescriptor descriptor) {
|
||||
this.descriptor = descriptor;
|
||||
}
|
||||
|
||||
/**
|
||||
* Build an
|
||||
* {@link org.springframework.security.saml2.provider.service.registration.OpenSamlAssertingPartyDetails}
|
||||
* @return
|
||||
*/
|
||||
@Override
|
||||
public OpenSamlAssertingPartyDetails build() {
|
||||
return new OpenSamlAssertingPartyDetails(super.build(), this.descriptor);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -47,7 +47,7 @@ import org.springframework.security.saml2.Saml2Exception;
|
|||
import org.springframework.security.saml2.core.OpenSamlInitializationService;
|
||||
import org.springframework.security.saml2.core.Saml2X509Credential;
|
||||
|
||||
class OpenSamlAssertingPartyMetadataConverter {
|
||||
class OpenSamlMetadataAssertingPartyDetailsConverter {
|
||||
|
||||
static {
|
||||
OpenSamlInitializationService.initialize();
|
||||
|
|
@ -58,15 +58,15 @@ class OpenSamlAssertingPartyMetadataConverter {
|
|||
private final ParserPool parserPool;
|
||||
|
||||
/**
|
||||
* Creates a {@link OpenSamlAssertingPartyMetadataConverter}
|
||||
* Creates a {@link OpenSamlMetadataAssertingPartyDetailsConverter}
|
||||
*/
|
||||
OpenSamlAssertingPartyMetadataConverter() {
|
||||
OpenSamlMetadataAssertingPartyDetailsConverter() {
|
||||
this.registry = ConfigurationService.get(XMLObjectProviderRegistry.class);
|
||||
this.parserPool = this.registry.getParserPool();
|
||||
}
|
||||
|
||||
Collection<RelyingPartyRegistration.Builder> convert(InputStream inputStream) {
|
||||
List<RelyingPartyRegistration.Builder> builders = new ArrayList<>();
|
||||
Collection<RelyingPartyRegistration.AssertingPartyDetails.Builder> convert(InputStream inputStream) {
|
||||
List<RelyingPartyRegistration.AssertingPartyDetails.Builder> builders = new ArrayList<>();
|
||||
XMLObject xmlObject = xmlObject(inputStream);
|
||||
if (xmlObject instanceof EntitiesDescriptor) {
|
||||
EntitiesDescriptor descriptors = (EntitiesDescriptor) xmlObject;
|
||||
|
|
@ -82,7 +82,7 @@ class OpenSamlAssertingPartyMetadataConverter {
|
|||
throw new Saml2Exception("Unsupported element of type " + xmlObject.getClass());
|
||||
}
|
||||
|
||||
RelyingPartyRegistration.Builder convert(EntityDescriptor descriptor) {
|
||||
RelyingPartyRegistration.AssertingPartyDetails.Builder convert(EntityDescriptor descriptor) {
|
||||
IDPSSODescriptor idpssoDescriptor = descriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
|
||||
if (idpssoDescriptor == null) {
|
||||
throw new Saml2Exception("Metadata response is missing the necessary IDPSSODescriptor element");
|
||||
|
|
@ -114,15 +114,14 @@ class OpenSamlAssertingPartyMetadataConverter {
|
|||
throw new Saml2Exception(
|
||||
"Metadata response is missing verification certificates, necessary for verifying SAML assertions");
|
||||
}
|
||||
RelyingPartyRegistration.Builder builder = RelyingPartyRegistration.withRegistrationId(descriptor.getEntityID())
|
||||
.assertingPartyDetails((party) -> party.entityId(descriptor.getEntityID())
|
||||
.wantAuthnRequestsSigned(Boolean.TRUE.equals(idpssoDescriptor.getWantAuthnRequestsSigned()))
|
||||
.verificationX509Credentials((c) -> c.addAll(verification))
|
||||
.encryptionX509Credentials((c) -> c.addAll(encryption)));
|
||||
RelyingPartyRegistration.AssertingPartyDetails.Builder party = OpenSamlAssertingPartyDetails
|
||||
.withEntityDescriptor(descriptor).entityId(descriptor.getEntityID())
|
||||
.wantAuthnRequestsSigned(Boolean.TRUE.equals(idpssoDescriptor.getWantAuthnRequestsSigned()))
|
||||
.verificationX509Credentials((c) -> c.addAll(verification))
|
||||
.encryptionX509Credentials((c) -> c.addAll(encryption));
|
||||
List<SigningMethod> signingMethods = signingMethods(idpssoDescriptor);
|
||||
for (SigningMethod method : signingMethods) {
|
||||
builder.assertingPartyDetails(
|
||||
(party) -> party.signingAlgorithms((algorithms) -> algorithms.add(method.getAlgorithm())));
|
||||
party.signingAlgorithms((algorithms) -> algorithms.add(method.getAlgorithm()));
|
||||
}
|
||||
if (idpssoDescriptor.getSingleSignOnServices().isEmpty()) {
|
||||
throw new Saml2Exception(
|
||||
|
|
@ -139,9 +138,7 @@ class OpenSamlAssertingPartyMetadataConverter {
|
|||
else {
|
||||
continue;
|
||||
}
|
||||
builder.assertingPartyDetails(
|
||||
(party) -> party.singleSignOnServiceLocation(singleSignOnService.getLocation())
|
||||
.singleSignOnServiceBinding(binding));
|
||||
party.singleSignOnServiceLocation(singleSignOnService.getLocation()).singleSignOnServiceBinding(binding);
|
||||
break;
|
||||
}
|
||||
for (SingleLogoutService singleLogoutService : idpssoDescriptor.getSingleLogoutServices()) {
|
||||
|
|
@ -157,12 +154,11 @@ class OpenSamlAssertingPartyMetadataConverter {
|
|||
}
|
||||
String responseLocation = (singleLogoutService.getResponseLocation() == null)
|
||||
? singleLogoutService.getLocation() : singleLogoutService.getResponseLocation();
|
||||
builder.assertingPartyDetails(
|
||||
(party) -> party.singleLogoutServiceLocation(singleLogoutService.getLocation())
|
||||
.singleLogoutServiceResponseLocation(responseLocation).singleLogoutServiceBinding(binding));
|
||||
party.singleLogoutServiceLocation(singleLogoutService.getLocation())
|
||||
.singleLogoutServiceResponseLocation(responseLocation).singleLogoutServiceBinding(binding);
|
||||
break;
|
||||
}
|
||||
return builder;
|
||||
return party;
|
||||
}
|
||||
|
||||
private List<X509Certificate> certificates(KeyDescriptor keyDescriptor) {
|
||||
|
|
@ -62,13 +62,13 @@ public class OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverter
|
|||
OpenSamlInitializationService.initialize();
|
||||
}
|
||||
|
||||
private final OpenSamlAssertingPartyMetadataConverter converter;
|
||||
private final OpenSamlMetadataAssertingPartyDetailsConverter converter;
|
||||
|
||||
/**
|
||||
* Creates a {@link OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverter}
|
||||
*/
|
||||
public OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverter() {
|
||||
this.converter = new OpenSamlAssertingPartyMetadataConverter();
|
||||
this.converter = new OpenSamlMetadataAssertingPartyDetailsConverter();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -89,7 +89,8 @@ public class OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverter
|
|||
@Override
|
||||
public RelyingPartyRegistration.Builder read(Class<? extends RelyingPartyRegistration.Builder> clazz,
|
||||
HttpInputMessage inputMessage) throws IOException, HttpMessageNotReadableException {
|
||||
return this.converter.convert(inputMessage.getBody()).iterator().next();
|
||||
return RelyingPartyRegistration
|
||||
.withAssertingPartyDetails(this.converter.convert(inputMessage.getBody()).iterator().next().build());
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2021 the original author or authors.
|
||||
* Copyright 2002-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -422,6 +422,21 @@ public final class RelyingPartyRegistration {
|
|||
return new Builder(registrationId);
|
||||
}
|
||||
|
||||
public static Builder withAssertingPartyDetails(AssertingPartyDetails assertingPartyDetails) {
|
||||
Assert.notNull(assertingPartyDetails, "assertingPartyDetails cannot be null");
|
||||
return withRegistrationId(assertingPartyDetails.getEntityId()).assertingPartyDetails((party) -> party
|
||||
.entityId(assertingPartyDetails.getEntityId())
|
||||
.wantAuthnRequestsSigned(assertingPartyDetails.getWantAuthnRequestsSigned())
|
||||
.signingAlgorithms((algorithms) -> algorithms.addAll(assertingPartyDetails.getSigningAlgorithms()))
|
||||
.verificationX509Credentials((c) -> c.addAll(assertingPartyDetails.getVerificationX509Credentials()))
|
||||
.encryptionX509Credentials((c) -> c.addAll(assertingPartyDetails.getEncryptionX509Credentials()))
|
||||
.singleSignOnServiceLocation(assertingPartyDetails.getSingleSignOnServiceLocation())
|
||||
.singleSignOnServiceBinding(assertingPartyDetails.getSingleSignOnServiceBinding())
|
||||
.singleLogoutServiceLocation(assertingPartyDetails.getSingleLogoutServiceLocation())
|
||||
.singleLogoutServiceResponseLocation(assertingPartyDetails.getSingleLogoutServiceResponseLocation())
|
||||
.singleLogoutServiceBinding(assertingPartyDetails.getSingleLogoutServiceBinding()));
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@code RelyingPartyRegistration} {@link Builder} based on an existing
|
||||
* object
|
||||
|
|
@ -510,7 +525,7 @@ public final class RelyingPartyRegistration {
|
|||
*
|
||||
* @since 5.4
|
||||
*/
|
||||
public static final class AssertingPartyDetails {
|
||||
public static class AssertingPartyDetails {
|
||||
|
||||
private final String entityId;
|
||||
|
||||
|
|
@ -532,7 +547,7 @@ public final class RelyingPartyRegistration {
|
|||
|
||||
private final Saml2MessageBinding singleLogoutServiceBinding;
|
||||
|
||||
private AssertingPartyDetails(String entityId, boolean wantAuthnRequestsSigned, List<String> signingAlgorithms,
|
||||
AssertingPartyDetails(String entityId, boolean wantAuthnRequestsSigned, List<String> signingAlgorithms,
|
||||
Collection<Saml2X509Credential> verificationX509Credentials,
|
||||
Collection<Saml2X509Credential> encryptionX509Credentials, String singleSignOnServiceLocation,
|
||||
Saml2MessageBinding singleSignOnServiceBinding, String singleLogoutServiceLocation,
|
||||
|
|
@ -701,7 +716,7 @@ public final class RelyingPartyRegistration {
|
|||
return this.singleLogoutServiceBinding;
|
||||
}
|
||||
|
||||
public static final class Builder {
|
||||
public static class Builder {
|
||||
|
||||
private String entityId;
|
||||
|
||||
|
|
@ -951,7 +966,7 @@ public final class RelyingPartyRegistration {
|
|||
@Deprecated
|
||||
public static final class Builder {
|
||||
|
||||
private final AssertingPartyDetails.Builder assertingPartyDetailsBuilder = new AssertingPartyDetails.Builder();
|
||||
private AssertingPartyDetails.Builder assertingPartyDetailsBuilder = new AssertingPartyDetails.Builder();
|
||||
|
||||
/**
|
||||
* Set the asserting party's <a href=
|
||||
|
|
|
|||
|
|
@ -18,11 +18,13 @@ package org.springframework.security.saml2.provider.service.registration;
|
|||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.core.io.DefaultResourceLoader;
|
||||
import org.springframework.core.io.ResourceLoader;
|
||||
import org.springframework.security.saml2.Saml2Exception;
|
||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails;
|
||||
|
||||
/**
|
||||
* A utility class for constructing instances of {@link RelyingPartyRegistration}
|
||||
|
|
@ -34,7 +36,7 @@ import org.springframework.security.saml2.Saml2Exception;
|
|||
*/
|
||||
public final class RelyingPartyRegistrations {
|
||||
|
||||
private static final OpenSamlAssertingPartyMetadataConverter assertingPartyMetadataConverter = new OpenSamlAssertingPartyMetadataConverter();
|
||||
private static final OpenSamlMetadataAssertingPartyDetailsConverter assertingPartyMetadataConverter = new OpenSamlMetadataAssertingPartyDetailsConverter();
|
||||
|
||||
private static final ResourceLoader resourceLoader = new DefaultResourceLoader();
|
||||
|
||||
|
|
@ -123,7 +125,7 @@ public final class RelyingPartyRegistrations {
|
|||
* @since 5.6
|
||||
*/
|
||||
public static RelyingPartyRegistration.Builder fromMetadata(InputStream source) {
|
||||
return assertingPartyMetadataConverter.convert(source).iterator().next();
|
||||
return collectionFromMetadata(source).iterator().next();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -213,7 +215,11 @@ public final class RelyingPartyRegistrations {
|
|||
* @since 5.7
|
||||
*/
|
||||
public static Collection<RelyingPartyRegistration.Builder> collectionFromMetadata(InputStream source) {
|
||||
return assertingPartyMetadataConverter.convert(source);
|
||||
Collection<RelyingPartyRegistration.Builder> builders = new ArrayList<>();
|
||||
for (AssertingPartyDetails.Builder builder : assertingPartyMetadataConverter.convert(source)) {
|
||||
builders.add(RelyingPartyRegistration.withAssertingPartyDetails(builder.build()));
|
||||
}
|
||||
return builders;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ import java.util.Base64;
|
|||
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
|
||||
import org.opensaml.xmlsec.signature.support.SignatureConstants;
|
||||
|
||||
import org.springframework.security.saml2.Saml2Exception;
|
||||
|
|
@ -31,7 +32,7 @@ import org.springframework.security.saml2.Saml2Exception;
|
|||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
|
||||
public class OpenSamlAssertingPartyMetadataConverterTests {
|
||||
public class OpenSamlMetadataAssertingPartyDetailsConverterTests {
|
||||
|
||||
private static final String CERTIFICATE = "MIIEEzCCAvugAwIBAgIJAIc1qzLrv+5nMA0GCSqGSIb3DQEBCwUAMIGfMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ08xFDASBgNVBAcMC0Nhc3RsZSBSb2NrMRwwGgYDVQQKDBNTYW1sIFRlc3RpbmcgU2VydmVyMQswCQYDVQQLDAJJVDEgMB4GA1UEAwwXc2ltcGxlc2FtbHBocC5jZmFwcHMuaW8xIDAeBgkqhkiG9w0BCQEWEWZoYW5pa0BwaXZvdGFsLmlvMB4XDTE1MDIyMzIyNDUwM1oXDTI1MDIyMjIyNDUwM1owgZ8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDTzEUMBIGA1UEBwwLQ2FzdGxlIFJvY2sxHDAaBgNVBAoME1NhbWwgVGVzdGluZyBTZXJ2ZXIxCzAJBgNVBAsMAklUMSAwHgYDVQQDDBdzaW1wbGVzYW1scGhwLmNmYXBwcy5pbzEgMB4GCSqGSIb3DQEJARYRZmhhbmlrQHBpdm90YWwuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4cn62E1xLqpN34PmbrKBbkOXFjzWgJ9b+pXuaRft6A339uuIQeoeH5qeSKRVTl32L0gdz2ZivLwZXW+cqvftVW1tvEHvzJFyxeTW3fCUeCQsebLnA2qRa07RkxTo6Nf244mWWRDodcoHEfDUSbxfTZ6IExSojSIU2RnD6WllYWFdD1GFpBJOmQB8rAc8wJIBdHFdQnX8Ttl7hZ6rtgqEYMzYVMuJ2F2r1HSU1zSAvwpdYP6rRGFRJEfdA9mm3WKfNLSc5cljz0X/TXy0vVlAV95l9qcfFzPmrkNIst9FZSwpvB49LyAVke04FQPPwLgVH4gphiJH3jvZ7I+J5lS8VAgMBAAGjUDBOMB0GA1UdDgQWBBTTyP6Cc5HlBJ5+ucVCwGc5ogKNGzAfBgNVHSMEGDAWgBTTyP6Cc5HlBJ5+ucVCwGc5ogKNGzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAvMS4EQeP/ipV4jOG5lO6/tYCb/iJeAduOnRhkJk0DbX329lDLZhTTL/x/w/9muCVcvLrzEp6PN+VWfw5E5FWtZN0yhGtP9R+vZnrV+oc2zGD+no1/ySFOe3EiJCO5dehxKjYEmBRv5sU/LZFKZpozKN/BMEa6CqLuxbzb7ykxVr7EVFXwltPxzE9TmL9OACNNyF5eJHWMRMllarUvkcXlh4pux4ks9e6zV9DQBy2zds9f1I3qxg0eX6JnGrXi/ZiCT+lJgVe3ZFXiejiLAiKB04sXW3ti0LW3lx13Y1YlQ4/tlpgTgfIJxKV6nyPiLoK0nywbMd+vpAirDt2Oc+hk";
|
||||
|
||||
|
|
@ -56,11 +57,11 @@ public class OpenSamlAssertingPartyMetadataConverterTests {
|
|||
private static final String SINGLE_SIGN_ON_SERVICE_TEMPLATE = "<md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" "
|
||||
+ "Location=\"sso-location\"/>";
|
||||
|
||||
private OpenSamlAssertingPartyMetadataConverter converter;
|
||||
private OpenSamlMetadataAssertingPartyDetailsConverter converter;
|
||||
|
||||
@BeforeEach
|
||||
public void setup() {
|
||||
this.converter = new OpenSamlAssertingPartyMetadataConverter();
|
||||
this.converter = new OpenSamlMetadataAssertingPartyDetailsConverter();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -98,9 +99,8 @@ public class OpenSamlAssertingPartyMetadataConverterTests {
|
|||
+ String.format(KEY_DESCRIPTOR_TEMPLATE, "use=\"encryption\"") + EXTENSIONS_TEMPLATE
|
||||
+ String.format(SINGLE_SIGN_ON_SERVICE_TEMPLATE)));
|
||||
InputStream inputStream = new ByteArrayInputStream(payload.getBytes());
|
||||
RelyingPartyRegistration registration = this.converter.convert(inputStream).iterator().next()
|
||||
.registrationId("one").build();
|
||||
RelyingPartyRegistration.AssertingPartyDetails details = registration.getAssertingPartyDetails();
|
||||
RelyingPartyRegistration.AssertingPartyDetails details = this.converter.convert(inputStream).iterator().next()
|
||||
.build();
|
||||
assertThat(details.getWantAuthnRequestsSigned()).isFalse();
|
||||
assertThat(details.getSigningAlgorithms()).containsExactly(SignatureConstants.ALGO_ID_DIGEST_SHA512);
|
||||
assertThat(details.getSingleSignOnServiceLocation()).isEqualTo("sso-location");
|
||||
|
|
@ -112,6 +112,11 @@ public class OpenSamlAssertingPartyMetadataConverterTests {
|
|||
assertThat(details.getEncryptionX509Credentials()).hasSize(1);
|
||||
assertThat(details.getEncryptionX509Credentials().iterator().next().getCertificate())
|
||||
.isEqualTo(x509Certificate(CERTIFICATE));
|
||||
assertThat(details).isInstanceOf(OpenSamlAssertingPartyDetails.class);
|
||||
OpenSamlAssertingPartyDetails openSamlDetails = (OpenSamlAssertingPartyDetails) details;
|
||||
EntityDescriptor entityDescriptor = openSamlDetails.getEntityDescriptor();
|
||||
assertThat(entityDescriptor).isNotNull();
|
||||
assertThat(entityDescriptor.getEntityID()).isEqualTo(details.getEntityId());
|
||||
}
|
||||
|
||||
// gh-9051
|
||||
|
|
@ -124,9 +129,8 @@ public class OpenSamlAssertingPartyMetadataConverterTests {
|
|||
+ String.format(KEY_DESCRIPTOR_TEMPLATE, "use=\"encryption\"")
|
||||
+ String.format(SINGLE_SIGN_ON_SERVICE_TEMPLATE))));
|
||||
InputStream inputStream = new ByteArrayInputStream(payload.getBytes());
|
||||
RelyingPartyRegistration registration = this.converter.convert(inputStream).iterator().next()
|
||||
.registrationId("one").build();
|
||||
RelyingPartyRegistration.AssertingPartyDetails details = registration.getAssertingPartyDetails();
|
||||
RelyingPartyRegistration.AssertingPartyDetails details = this.converter.convert(inputStream).iterator().next()
|
||||
.build();
|
||||
assertThat(details.getWantAuthnRequestsSigned()).isFalse();
|
||||
assertThat(details.getSingleSignOnServiceLocation()).isEqualTo("sso-location");
|
||||
assertThat(details.getSingleSignOnServiceBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
|
||||
|
|
@ -144,9 +148,8 @@ public class OpenSamlAssertingPartyMetadataConverterTests {
|
|||
String payload = String.format(ENTITY_DESCRIPTOR_TEMPLATE, String.format(IDP_SSO_DESCRIPTOR_TEMPLATE,
|
||||
String.format(KEY_DESCRIPTOR_TEMPLATE, "") + String.format(SINGLE_SIGN_ON_SERVICE_TEMPLATE)));
|
||||
InputStream inputStream = new ByteArrayInputStream(payload.getBytes());
|
||||
RelyingPartyRegistration registration = this.converter.convert(inputStream).iterator().next()
|
||||
.registrationId("one").build();
|
||||
RelyingPartyRegistration.AssertingPartyDetails details = registration.getAssertingPartyDetails();
|
||||
RelyingPartyRegistration.AssertingPartyDetails details = this.converter.convert(inputStream).iterator().next()
|
||||
.build();
|
||||
assertThat(details.getVerificationX509Credentials().iterator().next().getCertificate())
|
||||
.isEqualTo(x509Certificate(CERTIFICATE));
|
||||
assertThat(details.getEncryptionX509Credentials()).hasSize(1);
|
||||
Loading…
Reference in New Issue