use of org.apereo.cas.configuration.model.support.saml.idp.SamlIdPLogoutProperties in project cas by apereo.
Class AbstractSamlSLOProfileHandlerController, method handleSloProfileRequest.
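/**
 * Handles a SAML single logout (SLO) profile request received by the identity provider.
 *
 * <p>Returns without doing anything when SLO callbacks are disabled in the CAS configuration.
 * Otherwise the {@link LogoutRequest} is extracted from the HTTP request, its signature is
 * verified when the message is signed, the request is logged, and the response is redirected
 * to the configured CAS logout URL.
 *
 * <p>Security note: signature verification runs only for signed messages. Unless
 * {@code isForceSignedLogoutRequests()} is enabled, an unsigned logout request is not
 * authenticated in this method and still reaches the redirect to the logout URL. Deployments
 * that must not act on unauthenticated logout requests should enable that setting.
 *
 * @param response the HTTP response used to issue the redirect
 * @param request the HTTP request carrying the SAML logout message
 * @param decoder the decoder used to extract the SAML message from the request
 * @throws Exception if the request is unsigned while signed requests are enforced, if the
 *     issuer of a signed request has no registered service or no resolvable metadata, or if
 *     extraction, signature verification or the redirect fails
 */
protected void handleSloProfileRequest(final HttpServletResponse response, final HttpServletRequest request, final BaseHttpServletRequestXMLMessageDecoder decoder) throws Exception {
    final SamlIdPLogoutProperties logout = casProperties.getAuthn().getSamlIdp().getLogout();
    if (logout.isSingleLogoutCallbacksDisabled()) {
        LOGGER.info("Processing SAML IdP SLO requests is disabled");
        return;
    }

    // NOTE(review): extract(...) is assumed to return a non-null pair; confirm against the extractor.
    final Pair<? extends SignableSAMLObject, MessageContext> pair = this.samlHttpRequestExtractor.extract(request, decoder, LogoutRequest.class);
    final LogoutRequest logoutRequest = LogoutRequest.class.cast(pair.getKey());
    final MessageContext ctx = pair.getValue();

    // Evaluate the signed state once so the enforcement check and the verification branch agree.
    final boolean signed = SAMLBindingSupport.isMessageSigned(ctx);
    if (logout.isForceSignedLogoutRequests() && !signed) {
        throw new SAMLException("Logout request is not signed but should be.");
    }

    if (signed) {
        final String entityId = SamlIdPUtils.getIssuerFromSamlRequest(logoutRequest);
        final SamlRegisteredService registeredService = this.servicesManager.findServiceBy(entityId, SamlRegisteredService.class);
        // Fail with an explicit SAML error instead of passing a null service to metadata resolution.
        if (registeredService == null) {
            throw new SAMLException("No SAML service is registered for the issuer of the logout request.");
        }
        // The signature cannot be checked without the service provider's metadata, so a missing
        // facade is rejected explicitly rather than surfacing as a bare NoSuchElementException.
        final SamlRegisteredServiceServiceProviderMetadataFacade facade = SamlRegisteredServiceServiceProviderMetadataFacade
            .get(this.samlRegisteredServiceCachingMetadataResolver, registeredService, entityId)
            .orElseThrow(() -> new SAMLException("Unable to resolve service provider metadata for the issuer of the logout request."));
        this.samlObjectSignatureValidator.verifySamlProfileRequestIfNeeded(logoutRequest, facade, request, ctx);
    }

    SamlUtils.logSamlObject(this.configBean, logoutRequest);
    response.sendRedirect(casProperties.getServer().getLogoutUrl());
}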