UY-1561 update to fixed samly2, update to changed API

Author: golbi

pom.xml

@@ -533,7 +533,7 @@
 			<dependency>
 				<groupId>io.imunity.samly</groupId>
 				<artifactId>samly2</artifactId>
-				<version>3.0.0</version>
+				<version>3.2.0</version>
 			</dependency>
 			<dependency>
 				<groupId>io.imunity.samly</groupId>

saml/src/main/java/pl/edu/icm/unity/saml/metadata/cfg/MetadataVerificator.java

@@ -11,7 +11,7 @@
 import org.w3c.dom.Document;
 
 import eu.unicore.security.dsig.DSigException;
-import eu.unicore.security.dsig.DigSignatureUtil;
+import eu.unicore.security.dsig.DigSignatureVerificator;
 import eu.unicore.security.dsig.IdAttribute;
 import pl.edu.icm.unity.saml.sp.SAMLSPProperties.MetadataSignatureValidation;
 import xmlbeans.org.oasis.saml2.metadata.EntitiesDescriptorDocument;
@@ -82,7 +82,7 @@ protected void validateSignature(X509Certificate issuerCertificate, String name,
 	{
 		try
 		{
-			DigSignatureUtil sigUtil = new DigSignatureUtil();
+			DigSignatureVerificator sigUtil = new DigSignatureVerificator();
 			boolean result = sigUtil.verifyEnvelopedSignature(doc, 
 				Collections.singletonList(doc.getDocumentElement()), 
 				ID_QNAME, 

saml/src/test/java/pl/edu/icm/unity/saml/TestSAMLResponseValidatorUtil.java

@@ -41,10 +41,11 @@ public void shouldReturnAuthnContextFromAssertionAsAttribute() throws Exception
 
 		ResponseDocument respDoc = ResponseDocument.Factory.parse(
 				new File("src/test/resources/responseDocSigned.xml"));
-		List<AssertionDocument> authnAssertions = SAMLUtils.extractAllAssertions(
-				respDoc.getResponse(), null).stream()
-				.filter(a -> a.getAssertion().getAuthnStatementArray().length > 0)
-				.collect(Collectors.toList());
+		List<AssertionDocument> authnAssertions = 
+				SAMLUtils.extractAllAssertions(respDoc.getResponse(), null).stream()
+					.map(wrap -> wrap.xmlBean)
+					.filter(a -> a.getAssertion().getAuthnStatementArray().length > 0)
+					.collect(Collectors.toList());
 
 		SSOAuthnResponseValidator validator = mock(SSOAuthnResponseValidator.class);
 		when(validator.getAuthNAssertions()).thenReturn(authnAssertions);
@@ -55,7 +56,7 @@ public void shouldReturnAuthnContextFromAssertionAsAttribute() throws Exception
 		RemoteAttribute authnCtxAttr = authnInput.getAttributes().get(AUTHN_CONTEXT_CLASS_REF_ATTR);
 		assertThat(authnCtxAttr).isNotNull();
 		assertThat(authnCtxAttr.getValues().isEmpty()).isFalse();
-		assertThat(authnInput.getAttributes().get(AUTHN_CONTEXT_CLASS_REF_ATTR).getValues().get(0)). 
+		assertThat(authnInput.getAttributes().get(AUTHN_CONTEXT_CLASS_REF_ATTR).getValues().getFirst()).
 				isEqualTo("urn:oasis:names:tc:SAML:2.0:ac:classes:Password");
 
 	}
@@ -70,10 +71,11 @@ public void shouldReturnAuthnContextFromAssertionAsRemoteMetaContext() throws Ex
 
 		ResponseDocument respDoc = ResponseDocument.Factory.parse(
 				new File("src/test/resources/responseDocSigned.xml"));
-		List<AssertionDocument> authnAssertions = SAMLUtils.extractAllAssertions(
-				respDoc.getResponse(), null).stream()
-				.filter(a -> a.getAssertion().getAuthnStatementArray().length > 0)
-				.collect(Collectors.toList());
+		List<AssertionDocument> authnAssertions = 
+				SAMLUtils.extractAllAssertions(respDoc.getResponse(), null).stream()
+					.map(wrap -> wrap.xmlBean)
+					.filter(a -> a.getAssertion().getAuthnStatementArray().length > 0)
+					.collect(Collectors.toList());
 
 		SSOAuthnResponseValidator validator = mock(SSOAuthnResponseValidator.class);
 		when(validator.getAuthNAssertions()).thenReturn(authnAssertions);
@@ -84,7 +86,7 @@ public void shouldReturnAuthnContextFromAssertionAsRemoteMetaContext() throws Ex
 		RemoteAuthnMetadata remoteAuthnMeta = authnInput.getRemoteAuthnMetadata();
 		assertThat(remoteAuthnMeta).isNotNull();
 		assertThat(remoteAuthnMeta.classReferences().isEmpty()).isFalse();
-		assertThat(remoteAuthnMeta.classReferences().get(0)). 
+		assertThat(remoteAuthnMeta.classReferences().getFirst()).
 				isEqualTo("urn:oasis:names:tc:SAML:2.0:ac:classes:Password");
 		assertThat(remoteAuthnMeta.protocol()).isEqualTo(Protocol.SAML);
 		assertThat(remoteAuthnMeta.remoteIdPId()).isEqualTo("http://centos6-unity1:8080/simplesaml/saml2/idp/metadata.php");
@@ -101,8 +103,8 @@ public void shouldSaveAuthenticationTimeInAuthInput() throws Exception
 		ResponseDocument respDoc = ResponseDocument.Factory.parse(new File("src/test/resources/responseDocSigned.xml"));
 		List<AssertionDocument> authnAssertions = SAMLUtils.extractAllAssertions(respDoc.getResponse(), null)
 				.stream()
-				.filter(a -> a.getAssertion()
-						.getAuthnStatementArray().length > 0)
+				.map(wrap -> wrap.xmlBean)
+				.filter(a -> a.getAssertion().getAuthnStatementArray().length > 0)
 				.collect(Collectors.toList());
 
 		SSOAuthnResponseValidator validator = mock(SSOAuthnResponseValidator.class);

saml/src/test/java/pl/edu/icm/unity/saml/metadata/cfg/MetadataParsingIntegrationTest.java

@@ -21,10 +21,10 @@
 import org.junit.jupiter.api.Test;
 
 import eu.unicore.samly2.SAMLUtils;
+import eu.unicore.samly2.SAMLUtils.XMLBeansWithDom;
 import eu.unicore.samly2.messages.XMLExpandedMessage;
 import eu.unicore.samly2.trust.ResponseTrustCheckResult;
 import eu.unicore.samly2.trust.SamlTrustChecker;
-import pl.edu.icm.unity.base.exceptions.EngineException;
 import pl.edu.icm.unity.base.translation.TranslationProfile;
 import pl.edu.icm.unity.engine.api.PKIManagement;
 import pl.edu.icm.unity.saml.sp.FakeSAMLSPConfiguration;
@@ -59,12 +59,12 @@ public void shouldTrustResponseSignedByIdpFromParsedMetadata() throws Exception
 
 		ResponseDocument respDoc = ResponseDocument.Factory.parse(
 				new File("src/test/resources/responseDocSigned.xml"));
-		List<AssertionDocument> authnAssertions = getAuthAssertions(respDoc);
+		List<XMLBeansWithDom<AssertionDocument>> authnAssertions = getAuthAssertions(respDoc);
 		XMLExpandedMessage response = new XMLExpandedMessage(respDoc, respDoc.getResponse());
 
 		ResponseTrustCheckResult responseTrustCheckResult = checkerForIdP.checkTrust(response, respDoc.getResponse());
 		Throwable assertionValidationError = catchThrowable(() -> 
-			checkerForIdP.checkTrust(authnAssertions.get(0), responseTrustCheckResult));
+			checkerForIdP.checkTrust(authnAssertions.getFirst(), responseTrustCheckResult));
 
 		assertThat(assertionValidationError).isNull();
 		assertThat(responseTrustCheckResult.isTrustEstablished()).isTrue();
@@ -80,15 +80,14 @@ private RemoteMetadataSource getDummyMetadataSource()
 				.build();
 	}
 
-	private List<AssertionDocument> getAuthAssertions(ResponseDocument respDoc) throws Exception
+	private List<XMLBeansWithDom<AssertionDocument>> getAuthAssertions(ResponseDocument respDoc) throws Exception
 	{
-		return SAMLUtils.extractAllAssertions(
-				respDoc.getResponse(), null).stream()
-				.filter(a -> a.getAssertion().getAuthnStatementArray().length > 0)
+		return SAMLUtils.extractAllAssertions(respDoc.getResponse(), null).stream()
+				.filter(a -> a.xmlBean.getAssertion().getAuthnStatementArray().length > 0)
 				.collect(Collectors.toList());
 	}
 
-	private SAMLSPConfiguration createConfig() throws EngineException
+	private SAMLSPConfiguration createConfig()
 	{
 		return FakeSAMLSPConfiguration.getFakeBuilder()
 				.build();

saml/src/test/java/pl/edu/icm/unity/saml/sp/TrustAllTrustChecker.java

@@ -4,7 +4,7 @@
  */
 package pl.edu.icm.unity.saml.sp;
 
-import eu.unicore.samly2.exceptions.SAMLValidationException;
+import eu.unicore.samly2.SAMLUtils;
 import eu.unicore.samly2.messages.SAMLVerifiableElement;
 import eu.unicore.samly2.trust.CheckingMode;
 import eu.unicore.samly2.trust.ResponseTrustCheckResult;
@@ -25,26 +25,25 @@
 public class TrustAllTrustChecker implements SamlTrustChecker
 {
 	@Override
-	public void checkTrust(SAMLVerifiableElement message, RequestAbstractType request) throws SAMLValidationException
+	public void checkTrust(SAMLVerifiableElement message, RequestAbstractType request)
 	{
 	}
 
 	@Override
-	public void checkTrust(AssertionDocument assertionDoc,
+	public void checkTrust(SAMLUtils.XMLBeansWithDom<AssertionDocument> assertionDoc,
 			ResponseTrustCheckResult responseCheckResult)
-			throws SAMLValidationException
 	{
 	}
 
 	@Override
 	public ResponseTrustCheckResult checkTrust(SAMLVerifiableElement message,
-			StatusResponseType response) throws SAMLValidationException
+			StatusResponseType response)
 	{
 		return new ResponseTrustCheckResult(true);
 	}
 
 	@Override
-	public void checkTrust(AssertionDocument assertionDoc) throws SAMLValidationException
+	public void checkTrust(SAMLUtils.XMLBeansWithDom<AssertionDocument> assertionDoc)
 	{
 		checkTrust(assertionDoc, new ResponseTrustCheckResult(true));
 	}