Example 6 with ResourceOffering
use of com.sun.identity.liberty.ws.disco.ResourceOffering in project OpenAM by OpenRock.
the class SAML2SDKUtils method getDiscoveryBootStrapResourceOffering.
/**
* Gets the Discovery bootstrap resource offering in an attribute
* statement. After a single sign-on with an Identity Provider, a service
* provider may get Discovery service esource Offerings through a SAML2
* assertion. This APIs helps in retrieving the resource offerings
* if the user has been authenticated through the SAML2 SSO. It will
* need to have a valid single sign on token (generated through the
* SAML2 SSO).
*
* @param request <code>HttpServletRequest</code> associated with a user
* session.
* @return <code>ResourceOffering</code> Discovery Resource Offering,
* null if there is any failure or if there is not one
*/
public static ResourceOffering getDiscoveryBootStrapResourceOffering(HttpServletRequest request) {
if (request == null) {
if (debug.messageEnabled()) {
debug.message("SAML2Utils.getDiscoveryBootStrapResource" + "Offerings: null Input params");
}
return null;
}
try {
SessionProvider sessionProvider = SessionManager.getProvider();
Object session = sessionProvider.getSession(request);
String[] roStr = sessionProvider.getProperty(session, SAML2Constants.DISCOVERY_BOOTSTRAP_ATTRIBUTE_NAME);
if ((roStr == null) || (roStr.length == 0)) {
return null;
}
return new ResourceOffering(XMLUtils.toDOMDocument(roStr[0], debug).getDocumentElement());
} catch (Exception ex) {
debug.error("SAML2Utils.getDiscoveryBootStrapResourceOfferings: " + " Exception while retrieving discovery boot strap info.", ex);
return null;
}
}
Also used :
ResourceOffering(com.sun.identity.liberty.ws.disco.ResourceOffering)
SOAPException(javax.xml.soap.SOAPException)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
SessionProvider(com.sun.identity.plugin.session.SessionProvider)
Example 7 with ResourceOffering
use of com.sun.identity.liberty.ws.disco.ResourceOffering in project OpenAM by OpenRock.
the class DiscoveryBootstrap method getResourceOffering.
/**
* Gets the discovery bootstrap resource offering for the user.
* @return Discovery Resource Offering String
* @exception SAML2Exception if there's any failure.
*/
private String getResourceOffering(String authnContextClassRef, Subject subject, String wscID, String realm) throws SAML2Exception {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("DiscoveryBootstrap.getResourceOffering:Init");
}
DiscoEntryElement discoEntry = DiscoServiceManager.getBootstrappingDiscoEntry();
if (discoEntry == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("missingUnivID"));
}
String[] values = null;
try {
values = SessionManager.getProvider().getProperty(session, Constants.UNIVERSAL_IDENTIFIER);
} catch (SessionException se) {
throw new SAML2Exception(se);
}
if ((values == null) || (values.length == 0)) {
throw new SAML2Exception(SAML2Utils.bundle.getString("missingDiscoOffering"));
}
String univID = values[0];
try {
ResourceOfferingType offering = discoEntry.getResourceOffering();
ServiceInstanceType serviceInstance = offering.getServiceInstance();
String providerID = serviceInstance.getProviderID();
if (!DiscoServiceManager.useImpliedResource()) {
ResourceIDMapper idMapper = DiscoServiceManager.getResourceIDMapper(providerID);
if (idMapper == null) {
idMapper = DiscoServiceManager.getDefaultResourceIDMapper();
}
ObjectFactory fac = new ObjectFactory();
ResourceIDType resourceID = fac.createResourceIDType();
String resourceIDValue = idMapper.getResourceID(providerID, univID);
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("DiscoveryBootstrap.getResourceOffering: " + "ResourceID Value:" + resourceIDValue);
}
resourceID.setValue(resourceIDValue);
offering.setResourceID(resourceID);
} else {
ObjectFactory fac = new com.sun.identity.liberty.ws.disco.jaxb.ObjectFactory();
ResourceIDType resourceID = fac.createResourceIDType();
resourceID.setValue(DiscoConstants.IMPLIED_RESOURCE);
offering.setResourceID(resourceID);
}
List discoEntryList = new ArrayList();
discoEntryList.add(discoEntry);
SessionSubject sessionSubject = null;
if (DiscoServiceManager.encryptNIinSessionContext()) {
IDPSSODescriptorElement idpSSODesc = SAML2Utils.getSAML2MetaManager().getIDPSSODescriptor(realm, providerID);
EncInfo encInfo = KeyUtil.getEncInfo(idpSSODesc, wscID, SAML2Constants.IDP_ROLE);
NameIdentifier ni = EncryptedNameIdentifier.getEncryptedNameIdentifier(convertSPNameID(subject.getNameID()), providerID, encInfo.getWrappingKey(), encInfo.getDataEncAlgorithm(), encInfo.getDataEncStrength());
sessionSubject = new SessionSubject(ni, convertSC(subject.getSubjectConfirmation()), convertIDPNameID(subject.getNameID()));
} else {
sessionSubject = new SessionSubject(convertSPNameID(subject.getNameID()), convertSC(subject.getSubjectConfirmation()), convertIDPNameID(subject.getNameID()));
}
AuthnContext authnContext = new AuthnContext(authnContextClassRef, null);
authnContext.setMinorVersion(IFSConstants.FF_12_PROTOCOL_MINOR_VERSION);
SessionContext invocatorSession = new SessionContext(sessionSubject, authnContext, providerID);
Map map = DiscoUtils.checkPolicyAndHandleDirectives(univID, null, discoEntryList, null, invocatorSession, wscID, session);
List offerings = (List) map.get(DiscoUtils.OFFERINGS);
if (offerings.isEmpty()) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("DiscoveryBootstrap.getResourceOffering:" + "no ResourceOffering");
}
throw new SAML2Exception(SAML2Utils.bundle.getString("missingDiscoOffering"));
}
ResourceOffering resourceOffering = (ResourceOffering) offerings.get(0);
assertions = (List) map.get(DiscoUtils.CREDENTIALS);
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("DiscoveryBootstrap.getResourceOffering: " + "Resource Offering:" + resourceOffering);
}
return resourceOffering.toString();
} catch (Exception ex) {
SAML2Utils.debug.error("DiscoveryBootstrap.getResourceOffering:" + "Exception while creating resource offering.", ex);
throw new SAML2Exception(ex);
}
}
Also used :
ResourceOffering(com.sun.identity.liberty.ws.disco.ResourceOffering)
SessionSubject(com.sun.identity.liberty.ws.security.SessionSubject)
NameIdentifier(com.sun.identity.saml.assertion.NameIdentifier)
IDPProvidedNameIdentifier(com.sun.identity.federation.message.common.IDPProvidedNameIdentifier)
EncryptedNameIdentifier(com.sun.identity.federation.message.common.EncryptedNameIdentifier)
ResourceOfferingType(com.sun.identity.liberty.ws.disco.jaxb.ResourceOfferingType)
ArrayList(java.util.ArrayList)
SessionException(com.sun.identity.plugin.session.SessionException)
DiscoEntryElement(com.sun.identity.liberty.ws.disco.plugins.jaxb.DiscoEntryElement)
SessionException(com.sun.identity.plugin.session.SessionException)
SAMLException(com.sun.identity.saml.common.SAMLException)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
AuthnContext(com.sun.identity.federation.message.common.AuthnContext)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
EncInfo(com.sun.identity.saml2.key.EncInfo)
ServiceInstanceType(com.sun.identity.liberty.ws.disco.jaxb.ServiceInstanceType)
ResourceIDMapper(com.sun.identity.liberty.ws.interfaces.ResourceIDMapper)
ObjectFactory(com.sun.identity.liberty.ws.disco.jaxb.ObjectFactory)
SessionContext(com.sun.identity.liberty.ws.security.SessionContext)
ArrayList(java.util.ArrayList)
List(java.util.List)
ResourceIDType(com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType)
Map(java.util.Map)
IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)
Example 8 with ResourceOffering
use of com.sun.identity.liberty.ws.disco.ResourceOffering in project OpenAM by OpenRock.
the class LibertyManagerImpl method getDiscoveryResourceOffering.
/**
* Returns the discovery service bootstrap resource offering.
* @param tokenID Single Sign On Token ID.
* @param hostProviderID Hosted <code>ProviderID</code>.
* @return <code>String</code> Discovery Service Resource Offering.
* @exception RemoteException if any failure.
*/
public String getDiscoveryResourceOffering(String tokenID, String hostProviderID) throws RemoteException {
try {
Object token = SessionManager.getProvider().getSession(tokenID);
FSSession session = FSSessionManager.getInstance(IDFFMetaUtils.getMetaAlias(IFSConstants.ROOT_REALM, hostProviderID, IFSConstants.SP, null)).getSession(token);
if (session == null) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("LibertyManagerImpl.getDiscovery:" + "ResourceOffering: no FSSession found");
}
return null;
}
NodeList bootStrapRO = session.getBootStrapResourceOfferings();
if (bootStrapRO == null || bootStrapRO.getLength() == 0) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("LibertyManagerImpl.getDiscovery:" + "ResourceOffering: bootstrap resource offering is null");
}
return null;
}
ResourceOffering offering = new ResourceOffering((Element) bootStrapRO.item(0));
return offering.toString();
} catch (SessionException se) {
if (FSUtils.debug.messageEnabled()) {
FSUtils.debug.message("LibertyManagerImpl.getDiscoveryResource" + "Offering: SessionException", se);
}
throw new RemoteException(FSUtils.bundle.getString("invalidSSOToken"));
} catch (DiscoveryException de) {
FSUtils.debug.error("LibertyManagerImpl.getDiscoveryResource" + "Offering: Resource Offering parsing error", de);
throw new RemoteException(FSUtils.bundle.getString("invalidResourceOffering"));
}
}
Also used :
ResourceOffering(com.sun.identity.liberty.ws.disco.ResourceOffering)
NodeList(org.w3c.dom.NodeList)
FSSession(com.sun.identity.federation.services.FSSession)
SessionException(com.sun.identity.plugin.session.SessionException)
RemoteException(java.rmi.RemoteException)
DiscoveryException(com.sun.identity.liberty.ws.disco.DiscoveryException)
Aggregations
ResourceOffering (com.sun.identity.liberty.ws.disco.ResourceOffering)8
ArrayList (java.util.ArrayList)5
List (java.util.List)5
Map (java.util.Map)4
DiscoveryException (com.sun.identity.liberty.ws.disco.DiscoveryException)3
DiscoEntryElement (com.sun.identity.liberty.ws.disco.plugins.jaxb.DiscoEntryElement)3
ResourceIDMapper (com.sun.identity.liberty.ws.interfaces.ResourceIDMapper)3
SessionException (com.sun.identity.plugin.session.SessionException)3
FSException (com.sun.identity.federation.common.FSException)2
ObjectFactory (com.sun.identity.liberty.ws.disco.jaxb.ObjectFactory)2
ResourceIDType (com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType)2
ResourceOfferingType (com.sun.identity.liberty.ws.disco.jaxb.ResourceOfferingType)2
ServiceInstanceType (com.sun.identity.liberty.ws.disco.jaxb.ServiceInstanceType)2
SecurityAssertion (com.sun.identity.liberty.ws.security.SecurityAssertion)2
SessionProvider (com.sun.identity.plugin.session.SessionProvider)2
Iterator (java.util.Iterator)2
SOAPException (javax.xml.soap.SOAPException)2
Document (org.w3c.dom.Document)2
NodeList (org.w3c.dom.NodeList)2
AuthnContext (com.sun.identity.federation.message.common.AuthnContext)1
