
Example 11 with SignatureException

Use of ddf.security.samlp.SignatureException in project ddf by codice.

Class LogoutRequestService, method getSamlpSoapLogoutResponse.

private Response getSamlpSoapLogoutResponse(LogoutWrapper<LogoutResponse> samlResponse, String statusCode, String statusMessage) {
    if (samlResponse == null) {
        return Response.serverError().build();
    }
    LOGGER.debug("Configuring SAML Response for SOAP.");
    Document doc = DOMUtils.createDocument();
    doc.appendChild(doc.createElement(ROOT_NODE_NAME));
    LOGGER.debug("Setting SAML status on Response for SOAP");
    // An explicit status code (with or without a message) replaces whatever status the response already carries.
    if (statusCode != null) {
        if (statusMessage != null) {
            samlResponse.getMessage().setStatus(SamlProtocol.createStatus(statusCode, statusMessage));
        } else {
            samlResponse.getMessage().setStatus(SamlProtocol.createStatus(statusCode));
        }
    }
    try {
        // Sign the LogoutResponse itself before it is wrapped, so the enveloped signature covers the SAML message.
        LOGGER.debug("Signing SAML Response for SOAP.");
        LogoutResponse logoutResponse = simpleSign.forceSignSamlObject(samlResponse.getMessage());
        Envelope soapMessage = SamlProtocol.createSoapMessage(logoutResponse);
        LOGGER.debug("Converting SAML Response to DOM");
        // Serialise the SOAP envelope to a string and Base64-encode it; the encoded string is the HTTP response body.
        String assertionResponse = DOM2Writer.nodeToString(OpenSAMLUtil.toDom(soapMessage, doc));
        String encodedSamlResponse = Base64.getEncoder().encodeToString(assertionResponse.getBytes(StandardCharsets.UTF_8));
        return Response.ok(encodedSamlResponse).build();
    } catch (SignatureException | WSSecurityException | XMLStreamException e) {
        // Signing and serialisation failures are logged at debug level only and surface to the caller as a bare 500.
        LOGGER.debug("Failure constructing SOAP LogoutResponse", e);
        return Response.serverError().build();
    }
}
Also used: LogoutResponse (org.opensaml.saml.saml2.core.LogoutResponse), XMLStreamException (javax.xml.stream.XMLStreamException), WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException), SignatureException (ddf.security.samlp.SignatureException), Document (org.w3c.dom.Document), Envelope (org.opensaml.soap.soap11.Envelope)

Example 12 with SignatureException

Use of ddf.security.samlp.SignatureException in project ddf by codice.

Class LogoutRequestService, method validateSignature.

private boolean validateSignature(LogoutRequest logoutRequest) {
    Signature signature = logoutRequest.getSignature();
    // Fail closed: an unsigned LogoutRequest is rejected rather than accepted without validation.
    if (signature == null) {
        LOGGER.debug("Unsigned logoutRequest");
        return false;
    }
    // The DOM the message was parsed from is required: XML signature validation runs over the
    // original serialised form, and a message without a backing DOM cannot be checked.
    Element dom = logoutRequest.getDOM();
    if (dom == null) {
        LOGGER.debug("Incorrectly formatted logoutRequest");
        return false;
    }
    try {
        // simpleSign.validateSignature throws SignatureException when the signature does not verify.
        simpleSign.validateSignature(signature, dom.getOwnerDocument());
        return true;
    } catch (SignatureException e) {
        LOGGER.debug("Invalid signature on logoutRequest", e);
        return false;
    }
}
Also used: Signature (org.opensaml.xmlsec.signature.Signature), Element (org.w3c.dom.Element), SignatureException (ddf.security.samlp.SignatureException)
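The validateSignature method above delegates the whole check to simpleSign.validateSignature. Before a SAML consumer verifies the cryptography, it normally also checks that the ds:Signature is structurally acceptable (the kind of check the SAMLSignatureProfileValidator listed in the aggregations below performs): otherwise a valid signature over one element can be wrapped around a different, attacker-chosen LogoutRequest. The following Python block is an added illustration of those structural checks, written for this page; it is not DDF code and does not call OpenSAML. The sample LogoutRequest, its placeholder DigestValue and SignatureValue, and the wrapped variants are constructed for the example, and the check names and error messages are assumptions. No digest or signature value is verified here; the block only decides whether a signature is worth verifying.

```python
# Added illustration, not DDF or OpenSAML code: structural (profile) checks on an
# enveloped XML signature in a SAML 2.0 LogoutRequest, run before any crypto check.
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
ENVELOPED = "http://www.w3.org/2000/09/xmldsig#enveloped-signature"
C14N_ALGS = {  # inclusive and exclusive XML canonicalization, with and without comments
    "http://www.w3.org/2001/10/xml-exc-c14n#",
    "http://www.w3.org/2001/10/xml-exc-c14n#WithComments",
    "http://www.w3.org/TR/2001/REC-xml-c14n-20010315",
    "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments",
}


class SignatureProfileError(Exception):
    """Structural rejection of a signature; raised before any cryptographic check runs."""


def check_signature_profile(xml_text: str) -> str:
    """Return the ID of the signed LogoutRequest, or raise SignatureProfileError (assumed checks)."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}LogoutRequest" % NS["samlp"]:
        raise SignatureProfileError("root element is not samlp:LogoutRequest")
    msg_id = root.get("ID")
    if not msg_id:
        raise SignatureProfileError("LogoutRequest has no ID attribute")
    # The signature must be a direct child of the message, and there must be exactly one.
    sigs = root.findall("ds:Signature", NS)
    if len(sigs) != 1:
        raise SignatureProfileError("expected one enveloped ds:Signature, found %d" % len(sigs))
    refs = sigs[0].findall("ds:SignedInfo/ds:Reference", NS)
    if len(refs) != 1:
        raise SignatureProfileError("expected one ds:Reference, found %d" % len(refs))
    ref = refs[0]
    # The reference must cover the enclosing message itself, not some other element.
    if ref.get("URI", "") != "#" + msg_id:
        raise SignatureProfileError("Reference URI %r does not match message ID %r" % (ref.get("URI"), msg_id))
    # Only enveloped-signature plus at most one canonicalization transform are acceptable.
    algs = [t.get("Algorithm") for t in ref.findall("ds:Transforms/ds:Transform", NS)]
    if ENVELOPED not in algs or len(algs) > 2 or any(a != ENVELOPED and a not in C14N_ALGS for a in algs):
        raise SignatureProfileError("unexpected transform chain %r" % algs)
    # The signed ID must be unique: a second element carrying it is the classic wrapping vector.
    if sum(1 for e in root.iter() if e.get("ID") == msg_id) != 1:
        raise SignatureProfileError("ID %r is not unique in the document" % msg_id)
    return msg_id


def profile_ok(xml_text: str) -> bool:
    """Boolean wrapper: True only if the signature passes the profile checks."""
    try:
        check_signature_profile(xml_text)
        return True
    except (SignatureProfileError, ET.ParseError):
        return False


# Constructed sample message; DigestValue and SignatureValue are placeholders, not real values.
VALID = """<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    ID="_lr1" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">
  <saml:Issuer>https://idp.example.test</saml:Issuer>
  <ds:Signature>
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
      <ds:Reference URI="#_lr1">
        <ds:Transforms>
          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <ds:DigestValue>cGxhY2Vob2xkZXI=</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>cGxhY2Vob2xkZXI=</ds:SignatureValue>
  </ds:Signature>
  <saml:NameID>alice</saml:NameID>
</samlp:LogoutRequest>"""

# Constructed wrapping attack: the signed message is moved into samlp:Extensions of a new
# outer LogoutRequest with a different ID, so the Reference no longer covers the root.
WRAPPED = VALID.replace('ID="_lr1"', 'ID="_lr2"', 1).replace(
    "<saml:NameID>alice</saml:NameID>",
    "<samlp:Extensions>" + VALID + "</samlp:Extensions>")

# Constructed variant: the outer ID is kept equal to the signed one, so the ID is no longer unique.
DUPLICATE_ID = VALID.replace(
    "<saml:NameID>alice</saml:NameID>",
    "<samlp:Extensions>" + VALID + "</samlp:Extensions>")

if __name__ == "__main__":
    for name, doc in (("valid", VALID), ("wrapped", WRAPPED), ("duplicate-id", DUPLICATE_ID)):
        print(name, profile_ok(doc))
```

The checks are deliberately run against the parsed document as received, which is the same reason the DDF method above insists on logoutRequest.getDOM() being present: both the structural checks and the digest computation only mean something over the serialised bytes the sender actually signed. Passing these checks is necessary, not sufficient; the cryptographic verification against a trusted credential still has to follow.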

Aggregations (number of examples in this set that use each class)

SignatureException (ddf.security.samlp.SignatureException): 12
X509Certificate (java.security.cert.X509Certificate): 4
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException): 4
BasicX509Credential (org.opensaml.security.x509.BasicX509Credential): 3
UnsupportedEncodingException (java.io.UnsupportedEncodingException): 2
PrivateKey (java.security.PrivateKey): 2
SAMLKeyInfo (org.apache.wss4j.common.saml.SAMLKeyInfo): 2
AuthenticationFailureException (org.codice.ddf.platform.filter.AuthenticationFailureException): 2
Response (org.opensaml.saml.saml2.core.Response): 2
SAMLSignatureProfileValidator (org.opensaml.saml.security.impl.SAMLSignatureProfileValidator): 2
KeyInfo (org.opensaml.xmlsec.signature.KeyInfo): 2
Signature (org.opensaml.xmlsec.signature.Signature): 2
Document (org.w3c.dom.Document): 2
Element (org.w3c.dom.Element): 2
ValidationException (ddf.security.samlp.impl.ValidationException): 1
ByteArrayInputStream (java.io.ByteArrayInputStream): 1
IOException (java.io.IOException): 1
URI (java.net.URI): 1
URISyntaxException (java.net.URISyntaxException): 1
InvalidKeyException (java.security.InvalidKeyException): 1