Class SamlProviderGenerator

java.lang.Object
org.mockserver.saml.SamlProviderGenerator

public class SamlProviderGenerator extends Object
Generates MockServer Expectations that stand up a complete mock SAML 2.0 Identity Provider implementing the SP-initiated Web-Browser-SSO POST profile, so applications using SAML SSO can be tested without a real IdP.

Up to three endpoints are generated:

  • GET <metadataUrl> — returns SAML 2.0 IdP metadata XML: an EntityDescriptor with an IDPSSODescriptor, the signing X.509 certificate, a SingleSignOnService and, when an SLO path is configured, a SingleLogoutService. Both services use the HTTP-POST binding.
  • GET/POST <ssoServiceUrl> — a SamlSsoCallback class callback that returns an auto-submitting HTML form POSTing a base64-encoded, XML-DSig-signed SAML Response to the SP's assertion consumer service, echoing RelayState.
  • GET/POST <sloServiceUrl> — a SamlSloCallback class callback that returns an auto-submitting HTML form POSTing a signed SAML LogoutResponse to the SP's Single-Logout service, echoing RelayState. This endpoint is omitted when no SLO path is configured.

The signing credential is taken from the configuration if supplied, otherwise a self-signed RSA credential is generated (see SamlSigningCredential). All SAML XML is built with the JDK XML APIs and enveloped-signed with the JDK XML Digital Signature API — no OpenSAML dependency.

Usage mirrors OidcProviderGenerator: call generate(SamlProviderConfiguration) and upsert the returned expectations.

  • Constructor Details

    • SamlProviderGenerator

      public SamlProviderGenerator()
  • Method Details

    • generate

      public List<Expectation> generate(SamlProviderConfiguration config)
      Generates SAML IdP expectations from the given configuration.
      Parameters:
      config - the provider configuration (must not be null)
      Returns:
      the generated expectations (metadata, the SSO endpoint and, when an SLO path is configured, the SLO endpoint)