Use of org.apache.cxf.rs.security.saml.sso.SAMLSSOResponseValidator in the Apache Syncope project: the validate method of class SAML2ReaderWriter.
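/**
 * Validates a SAML 2.0 {@code Response} received from the given IdP and, where the response
 * carries encrypted assertions, has them decrypted (this happens inside the protocol-level
 * validator, which is why the debug dump at the end shows decrypted assertions).
 *
 * Two CXF validators run in sequence:
 * <ol>
 *   <li>{@link SAMLProtocolResponseValidator}: protocol-level checks (signature verification,
 *       assertion decryption) using the SP keystore and the IdP trust store; a {@code KeyInfo}
 *       is required so the signing key is identified explicitly rather than guessed.</li>
 *   <li>{@link SAMLSSOResponseValidator}: Web SSO profile checks, pinned to the expected
 *       assertion consumer URL, issuer, request id and SP entity id.</li>
 * </ol>
 *
 * @param samlResponse the parsed SAML response; must not be {@code null}
 * @param idp the IdP the response is expected to come from; supplies its id, trust store and
 * binding type; must not be {@code null}
 * @param assertionConsumerURL the SP endpoint the response was delivered to
 * @param requestId id of the AuthnRequest this response should answer (matched by CXF against
 * {@code InResponseTo})
 * @param spEntityID this SP's entity id (matched by CXF against the audience restriction)
 * @return the CXF validation result for the response
 * @throws WSSecurityException if any validation step fails
 */
public SSOValidatorResponse validate(final Response samlResponse, final SAML2IdPEntity idp, final String assertionConsumerURL, final String requestId, final String spEntityID) throws WSSecurityException {
    // Fail fast with a clear message instead of an NPE from deep inside the validators.
    if (samlResponse == null) {
        throw new NullPointerException("samlResponse must not be null");
    }
    if (idp == null) {
        throw new NullPointerException("idp must not be null");
    }

    // WSS4J Merlin: the keystore supplies the SP's own key material (e.g. for decrypting
    // assertions), the trust store the IdP certificates used to verify the IdP signature.
    Merlin crypto = new Merlin();
    crypto.setKeyStore(loader.getKeyStore());
    crypto.setTrustStore(idp.getTrustStore());

    // Protocol-level validation. Requiring KeyInfo means the signature must name its signing
    // key; without it the validator would have to guess the verification key.
    SAMLProtocolResponseValidator protocolValidator = new SAMLProtocolResponseValidator();
    protocolValidator.setKeyInfoMustBeAvailable(true);
    protocolValidator.validateSamlResponse(samlResponse, crypto, callbackHandler);

    // SSO-profile validation: destination/recipient, issuer, InResponseTo and audience are all
    // pinned to values we control rather than taken from the response itself.
    // NOTE(review): requestId is passed through as-is; confirm how CXF treats a null requestId
    // (unsolicited / IdP-initiated responses) before relying on the InResponseTo check.
    SAMLSSOResponseValidator ssoValidator = new SAMLSSOResponseValidator();
    ssoValidator.setAssertionConsumerURL(assertionConsumerURL);
    ssoValidator.setIssuerIDP(idp.getId());
    ssoValidator.setRequestId(requestId);
    ssoValidator.setSpIdentifier(spEntityID);
    // The flag selects the binding-specific checks CXF applies for HTTP-POST delivery.
    boolean postBinding = idp.getBindingType() == SAML2BindingType.POST;
    SSOValidatorResponse result = ssoValidator.validateSamlResponse(samlResponse, postBinding);

    // Debug dump of the response *after* decryption: this writes assertion contents (subject,
    // attributes) to the log, so DEBUG on this logger should only be enabled in controlled
    // environments. A failure to render the dump must never affect the validation outcome.
    // StringWriter.close() is a no-op, so try-with-resources keeps the original semantics.
    if (LOG.isDebugEnabled()) {
        try (StringWriter writer = new StringWriter()) {
            write(writer, samlResponse, false);
            LOG.debug("SAML response with decrypted assertions: {}", writer.toString());
        } catch (Exception e) {
            LOG.error("Could not log the SAML response with decrypted assertions", e);
        }
    }

    return result;
}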