
Example 6 with SamlRegisteredServiceServiceProviderMetadataFacade

use of org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade in project cas by apereo.

From class AbstractSamlProfileHandlerController, method verifySamlAuthenticationRequest.

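/**
 * Verifies an inbound SAML {@code AuthnRequest} against its registered service and the
 * service-provider metadata resolved for the request's issuer.
 * <p>
 * Ordering is security-relevant: the issuer is read from the request before anything about
 * the message has been authenticated, so it serves only as a lookup key. The registered
 * service is looked up via {@code verifySamlRegisteredService}, the SP metadata facade is
 * resolved for it, and the context is then passed to
 * {@link #verifyAuthenticationContextSignature} together with that metadata. Only after that
 * call returns is the request logged and handed back to the caller.
 *
 * @param authenticationContext pair of the signed SAML object (must be an {@code AuthnRequest})
 *                              and its message context
 * @param request               the incoming HTTP request
 * @return the registered service paired with its resolved metadata facade
 * @throws UnauthorizedServiceException if no SP metadata can be resolved for the issuer
 * @throws ClassCastException          if the SAML object in the pair is not an {@code AuthnRequest}
 * @throws Exception                   propagated from service lookup or signature verification
 */
protected Pair<SamlRegisteredService, SamlRegisteredServiceServiceProviderMetadataFacade> verifySamlAuthenticationRequest(final Pair<? extends SignableSAMLObject, MessageContext> authenticationContext, final HttpServletRequest request) throws Exception {
    final AuthnRequest authnRequest = AuthnRequest.class.cast(authenticationContext.getKey());
    // Issuer comes straight off the wire; it is untrusted until the signature check below has passed.
    final String issuer = SamlIdPUtils.getIssuerFromSamlRequest(authnRequest);
    final SamlRegisteredService registeredService = verifySamlRegisteredService(issuer);
    LOGGER.debug("Fetching saml metadata adaptor for [{}]", issuer);
    // Missing metadata is rejected as an unauthorized service rather than treated as "no signing key".
    final SamlRegisteredServiceServiceProviderMetadataFacade adaptor = SamlRegisteredServiceServiceProviderMetadataFacade
        .get(this.samlRegisteredServiceCachingMetadataResolver, registeredService, authnRequest)
        .orElseThrow(() -> new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + issuer));
    // Signature verification needs the metadata resolved above, so it must stay after the lookup
    // and before the request is logged or returned as trusted.
    verifyAuthenticationContextSignature(authenticationContext, request, authnRequest, adaptor);
    SamlUtils.logSamlObject(this.configBean, authnRequest);
    return Pair.of(registeredService, adaptor);
}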

Example 7 with SamlRegisteredServiceServiceProviderMetadataFacade

use of org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade in project cas by apereo.

From class SamlIdPUtils, method getMetadataResolverForAllSamlServices.

/**
 * Builds a {@link ChainingMetadataResolver} that aggregates the SP metadata resolvers of every
 * registered {@link SamlRegisteredService} whose metadata facade can be resolved for {@code entityID}.
 * <p>
 * Services for which {@link SamlRegisteredServiceServiceProviderMetadataFacade#get} returns an
 * empty result are skipped without any error; the list that survives is only logged at debug level,
 * so an empty chain is a possible outcome. A new chaining resolver is created and initialized on
 * every call.
 *
 * @param servicesManager the services manager used to enumerate registered services
 * @param entityID        the entity id to resolve metadata for; also used as the chain's id
 * @param resolver        the caching metadata resolver backing each per-service facade
 * @return an initialized chaining resolver over the matching per-service resolvers
 * @throws RuntimeException wrapping a {@link SamlException} if enumeration, facade lookup or
 *                          initialization fails; the original exception is kept as the cause,
 *                          so callers that need details must unwrap it
 */
public static MetadataResolver getMetadataResolverForAllSamlServices(final ServicesManager servicesManager, final String entityID, final SamlRegisteredServiceCachingMetadataResolver resolver) {
    try {
        final Collection<RegisteredService> candidates = servicesManager.findServiceBy(SamlRegisteredService.class::isInstance);
        // Keep the instanceof guard even though the lookup predicate already filters by type.
        final List<MetadataResolver> perServiceResolvers = candidates.stream()
            .filter(SamlRegisteredService.class::isInstance)
            .map(SamlRegisteredService.class::cast)
            .map(samlService -> SamlRegisteredServiceServiceProviderMetadataFacade.get(resolver, samlService, entityID))
            .filter(Optional::isPresent)
            .map(facade -> facade.get().getMetadataResolver())
            .collect(Collectors.toList());
        LOGGER.debug("Located [{}] metadata resolvers to match against [{}]", perServiceResolvers, entityID);
        final ChainingMetadataResolver chain = new ChainingMetadataResolver();
        chain.setResolvers(perServiceResolvers);
        chain.setId(entityID);
        chain.initialize();
        return chain;
    } catch (final Exception e) {
        throw new RuntimeException(new SamlException(e.getMessage(), e));
    }
}
