use of com.sun.identity.saml2.protocol.Status in project OpenAM by OpenRock.
the class LogoutUtil method generateResponse.
/**
 * Builds the <code>LogoutResponse</code> to be sent to IDP.
 *
 * <p>Only the status, ID, InResponseTo, version, issue instant and issuer
 * are populated here. This method neither signs the response nor sets a
 * destination on it; the code that sends the response has to take care of
 * both where the binding requires them.
 *
 * <p>A <code>SAML2Exception</code> thrown by any setter is logged and not
 * propagated, so the object handed back may be only partially populated.
 * Setters that come after the failing one are skipped.
 *
 * @param status status of the response. When <code>null</code>, a
 *        <code>SUCCESS</code> status is generated, so a caller reporting a
 *        failed logout must pass an explicit status.
 * @param inResponseTo ID of the request being answered; copied into the
 *        response as given, without validation.
 * @param issuer issuer of the response, which is SP.
 * @param realm not read by this method.
 * @param hostRole not read by this method.
 * @param remoteEntity not read by this method.
 *
 * @return <code>LogoutResponse</code>
 *
 */
public static LogoutResponse generateResponse(Status status, String inResponseTo, Issuer issuer, String realm, String hostRole, String remoteEntity) {
    // Fall back to SUCCESS only when the caller supplied no status at all.
    final Status effectiveStatus = (status != null)
            ? status
            : SAML2Utils.generateStatus(SAML2Constants.SUCCESS, SAML2Utils.bundle.getString("requestSuccess"));

    final LogoutResponse response = ProtocolFactory.getInstance().createLogoutResponse();
    final String freshId = SAMLUtils.generateID();
    try {
        response.setStatus(effectiveStatus);
        response.setID(freshId);
        response.setInResponseTo(inResponseTo);
        response.setVersion(SAML2Constants.VERSION_2_0);
        response.setIssueInstant(new Date());
        response.setIssuer(issuer);
    } catch (SAML2Exception e) {
        // Best effort: the failure is recorded and the response is still returned.
        debug.error("Error in generating LogoutResponse.", e);
    }
    return response;
}
use of com.sun.identity.saml2.protocol.Status in project OpenAM by OpenRock.
the class NameIDMapping method processNameIDMappingRequest.
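/**
 * Processes a <code>NameIDMappingRequest</code> and builds the signed
 * <code>NameIDMappingResponse</code> for the requesting SP.
 *
 * <p>The request issuer is checked with
 * <code>SAML2Utils.verifyRequestIssuer</code> before any account lookup is
 * made. Request signature verification is not performed in this method;
 * presumably the caller does it - confirm.
 *
 * <p>The response carries an <code>INVALID_NAME_ID_POLICY</code> status and
 * echoes the request's NameID / EncryptedID when the requested format is
 * neither persistent nor unspecified, when the target SP is absent or equal
 * to the requester, or when no account federation is found for the target
 * SP. Only a found federation yields <code>SUCCESS</code>, with the target
 * name ID returned in encrypted form.
 *
 * @param nimRequest the mapping request received from the SP.
 * @param realm realm of the hosted IDP.
 * @param idpEntityID entity ID of the hosted IDP.
 * @return the signed response.
 * @throws SAML2Exception if the request has no issuer or no NameIDPolicy,
 *         if a response ID cannot be generated, or if issuer verification
 *         or any later processing step fails.
 */
public static NameIDMappingResponse processNameIDMappingRequest(NameIDMappingRequest nimRequest, String realm, String idpEntityID) throws SAML2Exception {
    NameIDMappingResponse nimResponse = null;
    // The request comes from a remote party: a missing Issuer element is
    // rejected with a SAML2Exception instead of being dereferenced.
    if (nimRequest.getIssuer() == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("nullSPEntityID"));
    }
    String spEntityID = nimRequest.getIssuer().getValue();
    if (spEntityID == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("nullSPEntityID"));
    }
    String responseID = SAML2Utils.generateID();
    if (responseID == null) {
        // A response without an ID must not be built and signed, so stop
        // here rather than only logging the failure.
        String message = SAML2Utils.bundle.getString("failedToGenResponseID");
        SAML2Utils.debug.error(message);
        throw new SAML2Exception(message);
    }
    nimResponse = pf.createNameIDMappingResponse();
    nimResponse.setID(responseID);
    nimResponse.setInResponseTo(nimRequest.getID());
    nimResponse.setVersion(SAML2Constants.VERSION_2_0);
    nimResponse.setIssueInstant(new Date());
    nimResponse.setIssuer(SAML2Utils.createIssuer(idpEntityID));
    // Trust check on the requester; it throws on failure and must stay
    // ahead of the account lookups below.
    SAML2Utils.verifyRequestIssuer(realm, idpEntityID, nimRequest.getIssuer(), nimRequest.getID());
    NameIDPolicy nameIDPolicy = nimRequest.getNameIDPolicy();
    if (nameIDPolicy == null) {
        // No resource-bundle key for this case is visible here, hence the literal message.
        throw new SAML2Exception("NameIDMappingRequest has no NameIDPolicy.");
    }
    String targetSPEntityID = nameIDPolicy.getSPNameQualifier();
    String format = nameIDPolicy.getFormat();
    Status status = null;
    if ((format != null) && (format.length() != 0) && (!format.equals(SAML2Constants.PERSISTENT)) && (!format.equals(SAML2Constants.UNSPECIFIED))) {
        // Only persistent or unspecified formats are mapped.
        nimResponse.setNameID(nimRequest.getNameID());
        nimResponse.setEncryptedID(nimRequest.getEncryptedID());
        status = SAML2Utils.generateStatus(SAML2Constants.INVALID_NAME_ID_POLICY, SAML2Utils.bundle.getString("targetNameIDFormatUnsupported"));
    } else if ((targetSPEntityID == null) || (targetSPEntityID.length() == 0) || targetSPEntityID.equals(spEntityID)) {
        // No target SP, or the target is the requester itself: nothing to map.
        nimResponse.setNameID(nimRequest.getNameID());
        nimResponse.setEncryptedID(nimRequest.getEncryptedID());
        status = SAML2Utils.generateStatus(SAML2Constants.INVALID_NAME_ID_POLICY, SAML2Utils.bundle.getString("targetNameIDNoChange"));
    } else {
        // Resolve the user behind the requester's name ID, then look up
        // that user's federation with the target SP.
        IDPAccountMapper idpAcctMapper = SAML2Utils.getIDPAccountMapper(realm, idpEntityID);
        NameID nameID = getNameID(nimRequest, realm, idpEntityID);
        String userID = idpAcctMapper.getIdentity(nameID, idpEntityID, spEntityID, realm);
        NameIDInfo targetNameIDInfo = null;
        if (userID != null) {
            targetNameIDInfo = AccountUtils.getAccountFederation(userID, idpEntityID, targetSPEntityID);
        }
        if (targetNameIDInfo == null) {
            nimResponse.setNameID(nimRequest.getNameID());
            nimResponse.setEncryptedID(nimRequest.getEncryptedID());
            status = SAML2Utils.generateStatus(SAML2Constants.INVALID_NAME_ID_POLICY, SAML2Utils.bundle.getString("targetNameIDNotFound"));
        } else {
            NameID targetSPNameID = targetNameIDInfo.getNameID();
            if (SAML2Utils.debug.messageEnabled()) {
                // NOTE(review): this writes the user ID and the target name ID
                // in clear to the debug log whenever message level is enabled.
                SAML2Utils.debug.message("NameIDMapping.processNameIDMappingRequest: " + "User ID = " + userID + ", name ID = " + targetSPNameID.toXMLString(true, true));
            }
            // The mapped identifier is returned in encrypted form only.
            nimResponse.setEncryptedID(getEncryptedID(targetSPNameID, realm, spEntityID, SAML2Constants.SP_ROLE));
            status = SAML2Utils.generateStatus(SAML2Constants.SUCCESS, null);
        }
    }
    nimResponse.setStatus(status);
    // NOTE(review): the meaning of the trailing 'false' is defined by
    // signNIMResponse, which is not visible here.
    signNIMResponse(nimResponse, realm, idpEntityID, false);
    return nimResponse;
}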
use of com.sun.identity.saml2.protocol.Status in project OpenAM by OpenRock.
the class LogoutUtil method setSessionIndex.
/**
 * Attaches a new <code>StatusDetail</code> to the given status and, when
 * session indexes are supplied, stores their XML serializations in it.
 *
 * <p>The detail element is attached even when <code>sessionIndex</code> is
 * <code>null</code> or empty. A <code>SAML2Exception</code> is logged and
 * not propagated, so the caller gets no signal that the detail is missing
 * or incomplete.
 *
 * @param status status that receives the detail; dereferenced without a
 *        null check.
 * @param sessionIndex session index values; each entry is cast to
 *        <code>String</code>.
 */
static void setSessionIndex(Status status, List sessionIndex) {
    try {
        StatusDetail detail = ProtocolFactory.getInstance().createStatusDetail();
        status.setStatusDetail(detail);
        if (sessionIndex == null || sessionIndex.isEmpty()) {
            return;
        }
        List<String> serialized = new ArrayList<String>();
        for (Object entry : sessionIndex) {
            String value = (String) entry;
            // NOTE(review): XML escaping of the value is left to the
            // SessionIndex implementation - confirm.
            SessionIndex index = ProtocolFactory.getInstance().createSessionIndex(value);
            serialized.add(index.toXMLString(true, true));
        }
        detail.setAny(serialized);
    } catch (SAML2Exception e) {
        debug.error("LogoutUtil.setSessionIndex: ", e);
    }
}
use of com.sun.identity.saml2.protocol.Status in project OpenAM by OpenRock.
the class StatusImpl method parseElement.
/*
 * Parses the <code>Status</code> Element: fills statusCode, statusMessage
 * and statusDetail from the element's direct children.
 *
 * Children are matched on local name only; the namespace URI is not
 * checked here. A repeated child overwrites the value set by the earlier
 * one. validateStatusCode runs only when a StatusCode child is found, and
 * this method does not itself reject an element without one.
 * NOTE(review): confirm that the caller enforces the presence of
 * StatusCode for messages received from a remote entity.
 */
private void parseElement(Element element) throws SAML2Exception {
    ProtocolFactory factory = ProtocolFactory.getInstance();
    NodeList children = element.getChildNodes();
    if ((children == null) || (children.getLength() <= 0)) {
        return;
    }
    for (int index = 0; index < children.getLength(); index++) {
        Node child = children.item(index);
        String localName = child.getLocalName();
        if (localName == null) {
            // Nodes without a local name are skipped.
            continue;
        }
        if (localName.equals(SAML2Constants.STATUS_CODE)) {
            statusCode = factory.createStatusCode((Element) child);
            validateStatusCode(statusCode);
        } else if (localName.equals(SAML2Constants.STATUS_MESSAGE)) {
            statusMessage = XMLUtils.getElementString((Element) child);
        } else if (localName.equals(SAML2Constants.STATUS_DETAIL)) {
            statusDetail = factory.createStatusDetail((Element) child);
        }
    }
}
use of com.sun.identity.saml2.protocol.Status in project OpenAM by OpenRock.
the class StatusImpl method toXMLString.
/**
 * Returns the <code>Status</code> as an XML document String: the opening
 * tag, the status code, then the status message and status detail when
 * they are set, and the closing tag.
 *
 * <p>The message text is not written directly; it is wrapped in a
 * <code>StatusMessage</code> object and serialized by that object.
 * NOTE(review): XML escaping of the message text therefore depends on the
 * <code>StatusMessage</code> implementation - confirm.
 *
 * @param includeNSPrefix Determines whether or not the namespace qualifier
 *        is prepended to the Element when converted
 * @param declareNS Determines whether or not the namespace is declared
 *        within the Element.
 * @return A XML String representing the <code>Status</code>, or
 *         <code>null</code> when no status code is set.
 * @throws SAML2Exception if some error occurs during conversion to
 *         <code>String</code>.
 */
public String toXMLString(boolean includeNSPrefix, boolean declareNS) throws SAML2Exception {
    if (statusCode == null) {
        // Nothing is serialized without a status code.
        return null;
    }

    StringBuilder out = new StringBuilder(500);

    // Opening tag, with optional prefix and namespace declaration.
    out.append(SAML2Constants.START_TAG);
    if (includeNSPrefix) {
        out.append(SAML2Constants.PROTOCOL_PREFIX);
    }
    out.append(SAML2Constants.STATUS);
    if (declareNS) {
        out.append(SAML2Constants.PROTOCOL_DECLARE_STR);
    }
    out.append(SAML2Constants.END_TAG);

    out.append(SAML2Constants.NEWLINE);
    out.append(statusCode.toXMLString(includeNSPrefix, declareNS));

    boolean hasMessage = (statusMessage != null) && (statusMessage.length() != 0);
    if (hasMessage) {
        StatusMessage wrapped = ProtocolFactory.getInstance().createStatusMessage(statusMessage);
        out.append(SAML2Constants.NEWLINE);
        out.append(wrapped.toXMLString(includeNSPrefix, declareNS));
    }

    if (statusDetail != null) {
        out.append(SAML2Constants.NEWLINE);
        out.append(statusDetail.toXMLString(includeNSPrefix, declareNS));
    }

    // Closing tag.
    out.append(SAML2Constants.NEWLINE);
    out.append(SAML2Constants.SAML2_END_TAG);
    out.append(SAML2Constants.STATUS);
    out.append(SAML2Constants.END_TAG);

    return out.toString();
}