Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/AbstractSamlVerificationEngine.java')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/AbstractSamlVerificationEngine.java60
1 files changed, 49 insertions, 11 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/AbstractSamlVerificationEngine.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/AbstractSamlVerificationEngine.java
index abbfb1ea..0eb80cc9 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/AbstractSamlVerificationEngine.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/AbstractSamlVerificationEngine.java
@@ -32,6 +32,7 @@ import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
@@ -48,15 +49,16 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
import at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine;
import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyMetadataProvider;
+import lombok.SneakyThrows;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
public abstract class AbstractSamlVerificationEngine {
@Autowired
- private PvpMetadataResolverFactory metadataResolverFactory;
+ protected PvpMetadataResolverFactory metadataResolverFactory;
@Autowired
- private SamlVerificationEngine verifyEngine;
+ protected SamlVerificationEngine verifyEngine;
@Autowired
protected DummyCredentialProvider credentialProvider;
@@ -255,22 +257,29 @@ public abstract class AbstractSamlVerificationEngine {
}
}
+ @SneakyThrows
+ protected Response initializeResponseSimple(String spEntityId, String authnReqPath, EaafX509Credential credential) {
+ final Response response = (Response) XMLObjectSupport.unmarshallFromInputStream(
+ XMLObjectProviderRegistrySupport.getParserPool(),
+ AbstractSamlVerificationEngine.class.getResourceAsStream(authnReqPath));
+ response.setIssueInstant(Instant.now());
+ final Issuer issuer = Saml2Utils.createSamlObject(Issuer.class);
+ issuer.setValue(spEntityId);
+ response.setIssuer(issuer);
+
+ return Saml2Utils.signSamlObject(response, credential, true);
+
+ }
+
+
protected Pair<Response, IPvp2MetadataProvider> initializeResponse(String spEntityId, String metadataPath,
String authnReqPath, EaafX509Credential credential)
throws SamlSigningException, XMLParserException, UnmarshallingException, Pvp2MetadataException {
final IPvp2MetadataProvider mdResolver = metadataResolverFactory.createMetadataProvider(
metadataPath, null, "jUnit metadata resolver", null);
- final Response authnReq = (Response) XMLObjectSupport.unmarshallFromInputStream(
- XMLObjectProviderRegistrySupport.getParserPool(),
- AbstractSamlVerificationEngine.class.getResourceAsStream(authnReqPath));
- authnReq.setIssueInstant(Instant.now());
- final Issuer issuer = Saml2Utils.createSamlObject(Issuer.class);
- issuer.setValue(spEntityId);
- authnReq.setIssuer(issuer);
-
return Pair.newInstance(
- Saml2Utils.signSamlObject(authnReq, credential, true),
+ initializeResponseSimple(spEntityId, authnReqPath, credential),
mdResolver);
}
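Review bot: In `initializeResponseSimple` the stream returned by `getResourceAsStream(authnReqPath)` goes straight into the unmarshaller and is never closed. It is also `null` when the fixture path is wrong, and with `@SneakyThrows` that presumably surfaces as an opaque parser error rather than a clear "resource not found". I would open it with `try (InputStream in = AbstractSamlVerificationEngine.class.getResourceAsStream(authnReqPath)) {` and start the block with `Objects.requireNonNull(in, "missing test resource: " + authnReqPath);`. The parameter is still called `authnReqPath` although the file is unmarshalled as a `Response`, so a short Javadoc stating that it is the classpath location of a SAML response fixture would help. The same unclosed-stream pattern is repeated in `performEncryptionDecrytion` in the last hunk.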
@@ -336,5 +345,34 @@ public abstract class AbstractSamlVerificationEngine {
}
+ @SneakyThrows
+ protected void performEncryptionDecrytion(EaafX509Credential encdecCredential) {
+ final String responsePath = "/data/response_encrypt_decryption_test.xml";
+ final String spEntityId = "https://demo.egiz.gv.at/demoportal_demologin/";
+
+ final Response response = (Response) XMLObjectSupport.unmarshallFromInputStream(
+ XMLObjectProviderRegistrySupport.getParserPool(),
+ AbstractSamlVerificationEngine.class.getResourceAsStream(responsePath));
+
+ // encrypt assertion with key
+ response.getEncryptedAssertions().add(doEncryption(response.getAssertions().get(0),
+ encdecCredential, authConfig));
+ response.getAssertions().clear();
+
+ // re-sign response
+ response.setIssueInstant(Instant.now());
+ final Issuer issuer = Saml2Utils.createSamlObject(Issuer.class);
+ issuer.setValue(spEntityId);
+ response.setIssuer(issuer);
+ Saml2Utils.signSamlObject(response, credentialProvider.getMetaDataSigningCredential(), true);
+
+ DomUtils.serializeNode(XMLObjectSupport.marshall(response));
+
+
+ // decrypt and verify assertion by using EAAF implementation
+ verifyEngine.validateAssertion(response, encdecCredential,
+ spEntityId, "jUnit Test", false);
+
+ }
}
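Review bot: `performEncryptionDecrytion` discards the return value of `Saml2Utils.signSamlObject(...)` and then validates the original `response`, whereas `initializeResponseSimple` in the previous hunk uses the returned object; if signing is not done in place, the engine would be checking a different object from the one that was signed. Prefer `final Response signed = Saml2Utils.signSamlObject(response, credentialProvider.getMetaDataSigningCredential(), true);` and pass `signed` to `validateAssertion`. The result of `DomUtils.serializeNode(XMLObjectSupport.marshall(response))` is also thrown away, so it looks like a debugging leftover, or it needs a comment if the marshalling side effect is required. As written the helper passes whenever `validateAssertion` does not throw; an explicit assertion afterwards that the response holds a decrypted assertion would pin the behaviour, assuming the engine writes the decrypted assertion back. The method name is misspelled (`Decrytion`).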