
Example 1 with FSAuthnRequestEnvelope

Use of com.sun.identity.federation.message.FSAuthnRequestEnvelope in project OpenAM by OpenRock.

In class FSLoginHelper, method createAuthnRequestEnvelope.

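/**
 * Creates an <code>AuthnRequestEnvelope</code> for the <code>LECP</code> profile.
 *
 * <p>The envelope wraps an <code>AuthnRequest</code> (signed when signing is on
 * and the hosted descriptor requires signed requests), the hosted provider's
 * assertion consumer service URL, and an <code>IDPList</code> built from the
 * IDPs configured for the hosted provider named by the <code>metaAlias</code>
 * request parameter. The request is registered with the
 * <code>FSSessionManager</code> under its request ID, together with the
 * caller's local session token when one exists.
 *
 * @param request <code>HttpServletRequest</code> object; read for the
 *        <code>metaAlias</code> and <code>LRURL</code> parameters, all request
 *        headers, and the local session
 * @return xml string of an <code>AuthnRequestEnvelope</code> object; the
 *         configured error page URL (with <code>FEDERROR</code> and
 *         <code>FEDREMARK</code> query parameters) when no
 *         <code>AuthnRequest</code> could be created; or <code>null</code>
 *         when any exception occurred (it is logged, not rethrown)
 */
public String createAuthnRequestEnvelope(HttpServletRequest request) {
    String metaAlias = request.getParameter("metaAlias");
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSLoginHelper.createAuthnRequestEnvelope(): called, metaAlias=" + metaAlias);
    }
    try {
        setMetaInfo(metaAlias, null);

        // Snapshot all request headers into a plain map for getAuthnReq().
        // Enumeration<?> accepts both the raw and the Enumeration<String>
        // return type of HttpServletRequest.getHeaderNames().
        Map<String, String> headerMap = new HashMap<String, String>();
        Enumeration<?> headerNames = request.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String hn = headerNames.nextElement().toString();
            headerMap.put(hn, request.getHeader(hn));
        }

        Set idpSet = getIDPs(metaAlias);

        // Relay state: taken from the request, falling back to the federation
        // done page. NOTE(review): no validation of LRURL is visible in this
        // method; confirm it is checked where the relay state is consumed.
        String LRURL = request.getParameter(IFSConstants.LRURL);
        if (LRURL == null || LRURL.equals("")) {
            LRURL = FSServiceUtils.getFederationDonePageURL(request, hostConfig, metaAlias);
        }

        FSAuthnRequest authnRequest = getAuthnReq(headerMap, LRURL, true);
        if (authnRequest == null) {
            // Fixed: the original dereferenced authnRequest (setMinorVersion)
            // before this check, so a null request ended in the catch block and
            // this error page was never returned.
            FSUtils.debug.error("FSLoginHelper.createAuthnRequestEnvelope()::AuthnRequest is null");
            return errorPage + "&" + IFSConstants.FEDERROR + "=" + URLEncDec.encode("Unable to create AuthnRequest") + "&" + IFSConstants.FEDREMARK + "=" + URLEncDec.encode("Please check your Federation Configuration.");
        }

        // Same minor version for the request, the IDPList and the envelope.
        int minorVersion = FSServiceUtils.getMinorVersion(hostDescriptor.getProtocolSupportEnumeration());
        authnRequest.setMinorVersion(minorVersion);

        String requestID = authnRequest.getRequestID();
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSLoginHelper.createAuthnRequestEnvelope()::RequestID: " + requestID);
        }

        // Register the request (and the local session, if any) under its ID so
        // the response can be correlated later.
        FSSessionManager sessMngr = FSSessionManager.getInstance(metaAlias);
        sessMngr.setAuthnRequest(requestID, authnRequest);
        Object ssoToken = SessionManager.getProvider().getSession(request);
        if (ssoToken != null) {
            sessMngr.setLocalSessionToken(requestID, ssoToken);
        }

        // Build the IDPList from the IDPs configured for this hosted provider.
        // IDPEntries receives null when no IDP is configured (as before).
        String assertionConsumerURL = FSServiceUtils.getAssertionConsumerServiceURL(hostDescriptor, null);
        List idpEntryList = null;
        for (Iterator iter = idpSet.iterator(); iter.hasNext();) {
            String idpID = (String) iter.next();
            if (idpID == null) {
                continue;
            }
            IDPDescriptorType idpDescr = metaManager.getIDPDescriptor(realm, idpID);
            String idpLocation = idpDescr.getSingleSignOnServiceURL();
            if (idpEntryList == null) {
                idpEntryList = new ArrayList();
            }
            // The entity ID doubles as the entry name; no display name is available here.
            idpEntryList.add(new IDPEntry(idpID, idpID, idpLocation));
        }
        IDPEntries idpEntries = new IDPEntries(idpEntryList);
        FSIDPList idpList = new FSIDPList(idpEntries, null);
        idpList.setMinorVersion(minorVersion);

        // Sign only when signing is globally on and the hosted descriptor asks for it.
        if (FSServiceUtils.isSigningOn() && hostDescriptor.isAuthnRequestsSigned()) {
            authnRequest.signXML(IDFFMetaUtils.getFirstAttributeValueFromConfig(hostConfig, IFSConstants.SIGNING_CERT_ALIAS));
        }

        // The LECP envelope built here is never passive.
        boolean isPassive = false;
        FSAuthnRequestEnvelope authnRequestEnvelope = new FSAuthnRequestEnvelope(authnRequest, hostEntityID, hostEntityID, assertionConsumerURL, idpList, isPassive);
        authnRequestEnvelope.setMinorVersion(minorVersion);

        // Serialize once; the original serialized twice when debugging was on.
        String envelopeXML = authnRequestEnvelope.toXMLString();
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSLoginHelper.createAuthnRequestEnvelope: " + "AuthnRequestEnvelope: " + envelopeXML);
        }
        return envelopeXML;
    } catch (Exception e) {
        // Preserved contract: callers receive null on any failure; the cause is logged.
        FSUtils.debug.error("FSLoginHelper.createAuthnRequestEnvelope():Exception Occured: ", e);
        return null;
    }
}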

Example 2 with FSAuthnRequestEnvelope

Use of com.sun.identity.federation.message.FSAuthnRequestEnvelope in project OpenAM by OpenRock.

In class FSLoginHelper, method createAuthnRequest.

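/**
 * Builds the <code>AuthnRequest</code> for a federation login and decides how
 * the caller should continue.
 *
 * <p>The request is registered with the <code>FSSessionManager</code> under
 * its request ID. The returned map is produced by <code>createMap</code> and
 * carries the response headers (a <code>content-type</code> where one is
 * determined) plus one of:
 * <ul>
 * <li>a redirect URL: to the error page, to the third-level-domain URL, or to
 *     the inter-site transfer URL with the selected IDP;</li>
 * <li>response data: the <code>AuthnRequestEnvelope</code> XML when the
 *     headers identify a <code>LECP</code> client;</li>
 * <li>neither: when the common login page must be shown.</li>
 * </ul>
 * The request ID is added under <code>authnReqIDKey</code> on every return
 * except the early "Unable to create AuthnRequest" error.
 *
 * @param headers Map of request headers; used to detect the LECP and WML profiles
 * @param LRURL relay state url
 * @param authLevel authentication level
 * @param metaAlias meta alias of hosted provider
 * @param remoteEntityID remote provider's entity ID, or <code>null</code> for
 *        single sign-on, in which case this method selects the IDP
 * @param isFedCookiePresent if fed cookie present or not
 * @return Map of headers and lrurl/responsedata
 * @exception FSLoginHelperException if error occurs
 */
public Map createAuthnRequest(Map headers, String LRURL, String authLevel, String metaAlias, String remoteEntityID, boolean isFedCookiePresent) throws FSLoginHelperException {
    Map retHeaderMap = new HashMap();
    setMetaInfo(metaAlias, authLevel);
    FSUtils.debug.message("FSLoginHelper.createAuthnRequest(): called");

    // The third argument tracks whether the caller already named the IDP; what
    // getAuthnReq() does with it is not visible here.
    FSAuthnRequest authnRequest = getAuthnReq(headers, LRURL, remoteEntityID != null);
    if (authnRequest == null) {
        FSUtils.debug.error("FSLoginHelper.createAuthnRequest()::AuthnRequest is null");
        String redirectURL = errorPage + "&" + IFSConstants.FEDERROR + "=" + URLEncDec.encode("Unable to create AuthnRequest") + "&" + IFSConstants.FEDREMARK + "=" + URLEncDec.encode("Please check your Federation Configuration.");
        return createMap(redirectURL, null, retHeaderMap);
    }

    String requestID = authnRequest.getRequestID();
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSLoginHelper.createAuthnRequest()::RequestID: " + requestID);
    }
    FSSessionManager sessMngr = FSSessionManager.getInstance(metaAlias);
    sessMngr.setAuthnRequest(requestID, authnRequest);
    sessMngr.setIDPEntityID(requestID, remoteEntityID);
    String redirectURL = null;

    // SSO: the caller named no IDP. With more than one configured IDP the user
    // must choose (third-level domain or common login page); otherwise the
    // single or named IDP is used for an inter-site transfer.
    // Fixed: idpSet is null-guarded here as it already was further down.
    boolean isSSO = (remoteEntityID == null);
    Set idpSet = getIDPs(metaAlias);
    boolean isSingleIDP = (idpSet == null || idpSet.size() <= 1);

    if (isLECPProfile(headers)) {
        FSUtils.debug.message("FSLoginHelper.createAuthnRequest():LECP Request Identified");
        retHeaderMap.put("content-type", IFSConstants.LECP_CONTENT_TYPE_HEADER);
        String responseData = null;
        try {
            // Envelope payload: hosted assertion consumer URL plus an IDPList
            // built from the configured IDPs (IDPEntries gets null when none).
            String assertionConsumerURL = FSServiceUtils.getAssertionConsumerServiceURL(hostDescriptor, null);
            List idpEntryList = null;
            if (idpSet != null) {
                for (Iterator iter = idpSet.iterator(); iter.hasNext();) {
                    String idpID = (String) iter.next();
                    if (idpID == null) {
                        continue;
                    }
                    IDPDescriptorType idpDescr = metaManager.getIDPDescriptor(realm, idpID);
                    String idpLocation = idpDescr.getSingleSignOnServiceURL();
                    if (idpEntryList == null) {
                        idpEntryList = new ArrayList();
                    }
                    // The entity ID doubles as the entry name.
                    idpEntryList.add(new IDPEntry(idpID, idpID, idpLocation));
                }
            }
            IDPEntries idpEntries = new IDPEntries(idpEntryList);
            FSIDPList idpList = new FSIDPList(idpEntries, null);
            int minorVersion = FSServiceUtils.getMinorVersion(hostDescriptor.getProtocolSupportEnumeration());
            idpList.setMinorVersion(minorVersion);
            authnRequest.setMinorVersion(minorVersion);
            // Signing stays after setMinorVersion, preserving the original order.
            if (FSServiceUtils.isSigningOn() && hostDescriptor.isAuthnRequestsSigned()) {
                authnRequest.signXML(IDFFMetaUtils.getFirstAttributeValueFromConfig(hostConfig, IFSConstants.SIGNING_CERT_ALIAS));
            }
            boolean isPassive = false;
            FSAuthnRequestEnvelope authnRequestEnvelope = new FSAuthnRequestEnvelope(authnRequest, hostEntityID, hostEntityID, assertionConsumerURL, idpList, isPassive);
            authnRequestEnvelope.setMinorVersion(minorVersion);
            responseData = authnRequestEnvelope.toXMLString();
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSLoginHelper.createAuthnRequest: " + "AuthnRequestEnvelope: " + responseData);
            }
        } catch (Exception e) {
            // Best effort as before: the LECP response goes out without data.
            // Fixed: log the exception itself instead of only getMessage().
            FSUtils.debug.error("FSLoginHelper.createAuthnRequest(): " + "Exception Occured: ", e);
        }
        Map retMap = createMap(null, responseData, retHeaderMap);
        retMap.put(authnReqIDKey, requestID);
        return retMap;
    }

    String tldURL = getTLDURL();
    if (isSSO && tldURL != null && !isSingleIDP) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSLoginHelper:: createAuthnRequest " + "In case where isSSO true and tldURL is true and not " + "single idp. So redirecting to thirdlevel domain");
        }
        // Let the third-level domain pick the IDP; it returns to the inter-site
        // transfer URL carried in LRURL.
        redirectURL = tldURL + "?" + IFSConstants.LRURL + "=" + URLEncDec.encode(interSiteURL + "?" + authnReqIDKey + "=" + URLEncDec.encode(requestID) + "&" + IFSConstants.META_ALIAS + "=" + metaAlias);
    } else if (isSSO && !isSingleIDP) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSLoginHelper:: createAuthnRequest " + " In case where isSSO true and not a single idp so have " + "show common login page");
        }
        // No third-level domain: the caller shows the common login page.
        Map retMap = createMap(null, null, retHeaderMap);
        retMap.put(authnReqIDKey, requestID);
        return retMap;
    } else {
        boolean noIDP = false;
        if (remoteEntityID == null) {
            if (idpSet != null && idpSet.size() > 0) {
                // Exactly one IDP is configured: use it.
                remoteEntityID = (String) idpSet.iterator().next();
            } else {
                FSUtils.debug.error("FSLoginHelper:: no idps found in config." + " Cannot proceed.");
                redirectURL = errorPage + "&" + IFSConstants.FEDERROR + "=" + URLEncDec.encode("No IDPs Found in Configuration.") + "&" + IFSConstants.FEDREMARK + "=" + URLEncDec.encode("Please configure you Federation Services for an IDP.");
                noIDP = true;
            }
        }
        if (!noIDP) {
            String succintID = FSUtils.generateSourceID(remoteEntityID);
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSLoginHelper:: createAuthnRequest " + " Redirecting to intersiteTransfer URL " + interSiteURL + " with providerID and Base64 encoded SuccintID. " + remoteEntityID + "---" + succintID);
            }
            // Without a federation cookie the configured action decides: show
            // the common login page, keep the request active, or make it passive.
            if (!isFedCookiePresent) {
                if (actionOnNoFedCookie.equals(IFSConstants.COMMON_LOGIN)) {
                    Map retMap = createMap(null, null, retHeaderMap);
                    retMap.put(authnReqIDKey, requestID);
                    return retMap;
                } else if (actionOnNoFedCookie.equals(IFSConstants.ACTIVE)) {
                    changeToPassiveAuthnRequest(requestID, false, metaAlias);
                } else {
                    changeToPassiveAuthnRequest(requestID, true, metaAlias);
                }
            }
            String providerID = FSUtils.stringToBase64(succintID);
            redirectURL = interSiteURL + "?" + authnReqIDKey + "=" + URLEncDec.encode(requestID) + "&" + providerIDKey + "=" + URLEncDec.encode(providerID) + "&" + IFSConstants.META_ALIAS + "=" + metaAlias;
        }
    }

    // If this flag is set via the query param, we always make a passive call
    // to the IDP. (Was a stray Javadoc comment inside the method body.)
    if (isPassiveQuery) {
        changeToPassiveAuthnRequest(requestID, true, metaAlias);
    }
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSLoginHelper.createAuthnRequest()::" + "redirectURL : " + redirectURL);
    }
    retHeaderMap.put("content-type", isWMLProfile(headers) ? "text/vnd.wap.wml" : "text/html");
    Map retMap = createMap(redirectURL, null, retHeaderMap);
    retMap.put(authnReqIDKey, requestID);
    return retMap;
}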
