Example 1 with SamlArtifactTicket
use of org.apereo.cas.ticket.artifact.SamlArtifactTicket in project cas by apereo.
the class CasSamlArtifactMap method put.
@Override
public void put(final String artifact, final String relyingPartyId, final String issuerId, final SAMLObject samlMessage) throws IOException {
super.put(artifact, relyingPartyId, issuerId, samlMessage);
final HttpServletRequest request = HttpRequestUtils.getHttpServletRequestFromRequestAttributes();
final TicketGrantingTicket ticketGrantingTicket = CookieUtils.getTicketGrantingTicketFromRequest(ticketGrantingTicketCookieGenerator, this.ticketRegistry, request);
final SamlArtifactTicket ticket = samlArtifactTicketFactory.create(artifact, ticketGrantingTicket.getAuthentication(), ticketGrantingTicket, issuerId, relyingPartyId, samlMessage);
this.ticketRegistry.addTicket(ticket);
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket)
SamlArtifactTicket(org.apereo.cas.ticket.artifact.SamlArtifactTicket)
Example 2 with SamlArtifactTicket
use of org.apereo.cas.ticket.artifact.SamlArtifactTicket in project cas by apereo.
the class Saml1ArtifactResolutionProfileHandlerController method handlePostRequest.
/**
* Handle post request.
*
* @param response the response
* @param request the request
*/
@PostMapping(path = SamlIdPConstants.ENDPOINT_SAML1_SOAP_ARTIFACT_RESOLUTION)
protected void handlePostRequest(final HttpServletResponse response, final HttpServletRequest request) {
final MessageContext ctx = decodeSoapRequest(request);
final ArtifactResolve artifactMsg = (ArtifactResolve) ctx.getMessage();
try {
final String issuer = artifactMsg.getIssuer().getValue();
final SamlRegisteredService service = verifySamlRegisteredService(issuer);
final Optional<SamlRegisteredServiceServiceProviderMetadataFacade> adaptor = getSamlMetadataFacadeFor(service, artifactMsg);
if (!adaptor.isPresent()) {
throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + issuer);
}
final SamlRegisteredServiceServiceProviderMetadataFacade facade = adaptor.get();
verifyAuthenticationContextSignature(ctx, request, artifactMsg, facade);
final String artifactId = artifactMsg.getArtifact().getArtifact();
final String ticketId = artifactTicketFactory.createTicketIdFor(artifactId);
final SamlArtifactTicket ticket = this.ticketRegistry.getTicket(ticketId, SamlArtifactTicket.class);
final Service issuerService = webApplicationServiceFactory.createService(issuer);
final Assertion casAssertion = buildCasAssertion(ticket.getTicketGrantingTicket().getAuthentication(), issuerService, service, CollectionUtils.wrap("artifact", ticket));
this.responseBuilder.build(artifactMsg, request, response, casAssertion, service, facade, SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
request.setAttribute(SamlIdPConstants.REQUEST_ATTRIBUTE_ERROR, e.getMessage());
samlFaultResponseBuilder.build(artifactMsg, request, response, null, null, null, SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
}
}
Also used :
ArtifactResolve(org.opensaml.saml.saml2.core.ArtifactResolve)
SamlRegisteredServiceServiceProviderMetadataFacade(org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade)
SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService)
Assertion(org.jasig.cas.client.validation.Assertion)
UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException)
WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService)
SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService)
Service(org.apereo.cas.authentication.principal.Service)
MessageContext(org.opensaml.messaging.context.MessageContext)
SamlArtifactTicket(org.apereo.cas.ticket.artifact.SamlArtifactTicket)
UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException)
PostMapping(org.springframework.web.bind.annotation.PostMapping)
Example 3 with SamlArtifactTicket
use of org.apereo.cas.ticket.artifact.SamlArtifactTicket in project cas by apereo.
the class SamlProfileArtifactResponseBuilder method buildResponse.
@Override
protected Envelope buildResponse(final Assertion assertion, final Object casAssertion, final RequestAbstractType authnRequest, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final HttpServletRequest request, final HttpServletResponse response, final String binding) throws SamlException {
final org.jasig.cas.client.validation.Assertion castedAssertion = org.jasig.cas.client.validation.Assertion.class.cast(casAssertion);
final SamlArtifactTicket ticket = (SamlArtifactTicket) castedAssertion.getAttributes().get("artifact");
final ArtifactResponse artifactResponse = new ArtifactResponseBuilder().buildObject();
artifactResponse.setIssueInstant(DateTime.now());
artifactResponse.setIssuer(newIssuer(ticket.getIssuer()));
artifactResponse.setInResponseTo(ticket.getRelyingPartyId());
artifactResponse.setID(ticket.getId());
artifactResponse.setStatus(newStatus(StatusCode.SUCCESS, "Success"));
final SAMLObject samlResponse = SamlUtils.transformSamlObject(configBean, ticket.getObject(), SAMLObject.class);
artifactResponse.setMessage(samlResponse);
final Header header = newSoapObject(Header.class);
final Body body = newSoapObject(Body.class);
body.getUnknownXMLObjects().add(artifactResponse);
final Envelope envelope = newSoapObject(Envelope.class);
envelope.setHeader(header);
envelope.setBody(body);
SamlUtils.logSamlObject(this.configBean, envelope);
return envelope;
}
Also used :
Header(org.opensaml.soap.soap11.Header)
SAMLObject(org.opensaml.saml.common.SAMLObject)
ArtifactResponse(org.opensaml.saml.saml2.core.ArtifactResponse)
ArtifactResponseBuilder(org.opensaml.saml.saml2.core.impl.ArtifactResponseBuilder)
SamlArtifactTicket(org.apereo.cas.ticket.artifact.SamlArtifactTicket)
Envelope(org.opensaml.soap.soap11.Envelope)
Body(org.opensaml.soap.soap11.Body)
Aggregations
SamlArtifactTicket (org.apereo.cas.ticket.artifact.SamlArtifactTicket)3
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
Service (org.apereo.cas.authentication.principal.Service)1
WebApplicationService (org.apereo.cas.authentication.principal.WebApplicationService)1
UnauthorizedServiceException (org.apereo.cas.services.UnauthorizedServiceException)1
SamlRegisteredService (org.apereo.cas.support.saml.services.SamlRegisteredService)1
SamlRegisteredServiceServiceProviderMetadataFacade (org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade)1
TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket)1
Assertion (org.jasig.cas.client.validation.Assertion)1
MessageContext (org.opensaml.messaging.context.MessageContext)1
SAMLObject (org.opensaml.saml.common.SAMLObject)1
ArtifactResolve (org.opensaml.saml.saml2.core.ArtifactResolve)1
ArtifactResponse (org.opensaml.saml.saml2.core.ArtifactResponse)1
ArtifactResponseBuilder (org.opensaml.saml.saml2.core.impl.ArtifactResponseBuilder)1
Body (org.opensaml.soap.soap11.Body)1
Envelope (org.opensaml.soap.soap11.Envelope)1
Header (org.opensaml.soap.soap11.Header)1
PostMapping (org.springframework.web.bind.annotation.PostMapping)1
