
Example 1 with SamlArtifactTicketFactory

use of org.apereo.cas.ticket.artifact.SamlArtifactTicketFactory in project cas by apereo.

the class SamlIdPSaml1ArtifactResolutionProfileHandlerController method handlePostRequest.

/**
 * Resolves a SAML artifact received over the SOAP back channel.
 * <p>
 * The decoded message is treated as an {@link ArtifactResolve}. Its issuer must map to a
 * registered service with resolvable metadata, and the request goes through
 * {@code verifyAuthenticationContextSignature} before the artifact value is converted into a
 * ticket id and looked up in the ticket registry. Any exception raised by those steps is logged
 * and answered with a SAML fault response instead of being rethrown.
 *
 * @param response the servlet response handed to the response builders
 * @param request  the servlet request carrying the SOAP envelope
 * @throws Exception if the SOAP request cannot be decoded or the fault response cannot be built
 */
@PostMapping(path = SamlIdPConstants.ENDPOINT_SAML1_SOAP_ARTIFACT_RESOLUTION)
protected void handlePostRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
    // Decoding and the cast sit outside the try block, so a failure here propagates to the
    // caller rather than producing a SAML fault.
    val messageContext = decodeSoapRequest(request);
    val resolveRequest = (ArtifactResolve) messageContext.getMessage();
    try {
        val requesterId = Objects.requireNonNull(resolveRequest).getIssuer().getValue();
        val samlService = verifySamlRegisteredService(requesterId);
        val metadataLookup = getSamlMetadataFacadeFor(samlService, resolveRequest);
        if (metadataLookup.isEmpty()) {
            throw new UnauthorizedServiceException(
                UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE,
                "Cannot find metadata linked to " + requesterId);
        }
        val metadataFacade = metadataLookup.get();

        // The requester is vetted before the ticket registry is consulted; keep this ordering so
        // that a request failing verification never reaches the artifact lookup.
        verifyAuthenticationContextSignature(messageContext, request, resolveRequest, metadataFacade, samlService);

        val artifactValue = resolveRequest.getArtifact().getValue();
        val artifactTicketFactory = (SamlArtifactTicketFactory) getConfigurationContext()
            .getTicketFactory()
            .get(SamlArtifactTicket.class);
        val artifactTicketId = artifactTicketFactory.createTicketIdFor(artifactValue);
        val artifactTicket = getConfigurationContext()
            .getTicketRegistry()
            .getTicket(artifactTicketId, SamlArtifactTicket.class);
        if (artifactTicket == null) {
            throw new InvalidTicketException(artifactTicketId);
        }
        // NOTE(review): nothing in this method compares the relying party the ticket was created
        // for (CasSamlArtifactMap#put passes one to the ticket factory) with requesterId, and the
        // ticket is not removed from the registry after the lookup. Confirm that recipient
        // binding and one-time use of the artifact are enforced elsewhere (expiration policy,
        // registry or response builder).

        val requesterService = getConfigurationContext()
            .getWebApplicationServiceFactory()
            .createService(requesterId);
        val authentication = artifactTicket.getTicketGrantingTicket().getAuthentication();
        val casAssertion = buildCasAssertion(authentication, requesterService, samlService,
            CollectionUtils.wrap("artifact", artifactTicket));

        val successContext = SamlProfileBuilderContext.builder()
            .samlRequest(resolveRequest)
            .httpRequest(request)
            .httpResponse(response)
            .authenticatedAssertion(casAssertion)
            .registeredService(samlService)
            .adaptor(metadataFacade)
            .binding(SAMLConstants.SAML2_ARTIFACT_BINDING_URI)
            .messageContext(messageContext)
            .build();
        getConfigurationContext().getResponseBuilder().build(successContext);
    } catch (final Exception e) {
        LoggingUtils.error(LOGGER, e);
        // NOTE(review): the exception message is copied into a request attribute. If the fault
        // builder renders that attribute to the requester, internal detail (issuer, ticket id)
        // may leave the server - confirm what the fault response actually exposes.
        val faultDetail = "Unable to build SOAP response: " + StringUtils.defaultString(e.getMessage());
        request.setAttribute(SamlIdPConstants.REQUEST_ATTRIBUTE_ERROR, faultDetail);
        val faultContext = SamlProfileBuilderContext.builder()
            .samlRequest(resolveRequest)
            .httpRequest(request)
            .httpResponse(response)
            .binding(SAMLConstants.SAML2_ARTIFACT_BINDING_URI)
            .messageContext(messageContext)
            .build();
        getConfigurationContext().getSamlFaultResponseBuilder().build(faultContext);
    }
}
Also used : lombok.val(lombok.val) ArtifactResolve(org.opensaml.saml.saml2.core.ArtifactResolve) InvalidTicketException(org.apereo.cas.ticket.InvalidTicketException) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException) SamlArtifactTicket(org.apereo.cas.ticket.artifact.SamlArtifactTicket) SamlArtifactTicketFactory(org.apereo.cas.ticket.artifact.SamlArtifactTicketFactory) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException) InvalidTicketException(org.apereo.cas.ticket.InvalidTicketException) PostMapping(org.springframework.web.bind.annotation.PostMapping)

Example 2 with SamlArtifactTicketFactory

use of org.apereo.cas.ticket.artifact.SamlArtifactTicketFactory in project cas by apereo.

the class CasSamlArtifactMap method put.

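/**
 * Stores the artifact mapping through the parent implementation and then registers a matching
 * {@link SamlArtifactTicket} in the ticket registry.
 * <p>
 * The ticket-granting ticket is first looked up from the request cookie; when that yields
 * nothing, the id kept in the distributed session store under
 * {@code WebUtils.PARAMETER_TICKET_GRANTING_TICKET_ID} is used to fetch it.
 *
 * @param artifact       the artifact value, passed to the parent map and to the ticket factory
 * @param relyingPartyId the relying party id, passed to the parent map and to the ticket factory
 * @param issuerId       the issuer id, passed to the parent map and to the ticket factory
 * @param samlMessage    the SAML message associated with the artifact
 * @throws IOException          as declared by the overridden method
 * @throws NullPointerException if no ticket-granting ticket can be resolved for the request
 */
@Override
public void put(final String artifact, final String relyingPartyId, final String issuerId, final SAMLObject samlMessage) throws IOException {
    // NOTE(review): the parent map is updated before the ticket-granting ticket is resolved, so
    // a failure below may leave an artifact in the parent map without a matching ticket in the
    // registry - confirm whether that is acceptable.
    super.put(artifact, relyingPartyId, issuerId, samlMessage);
    val request = HttpRequestUtils.getHttpServletRequestFromRequestAttributes();
    val response = HttpRequestUtils.getHttpServletResponseFromRequestAttributes();
    var ticketGrantingTicket = CookieUtils.getTicketGrantingTicketFromRequest(ticketGrantingTicketCookieGenerator, ticketRegistry, request);
    if (ticketGrantingTicket == null) {
        // Fall back to the ticket-granting ticket id held in the distributed session store.
        ticketGrantingTicket = samlIdPDistributedSessionStore
            .get(new JEEContext(request, response), WebUtils.PARAMETER_TICKET_GRANTING_TICKET_ID)
            .map(ticketId -> centralAuthenticationService.getTicket(ticketId.toString(), TicketGrantingTicket.class))
            .orElse(null);
    }
    val samlArtifactTicketFactory = (SamlArtifactTicketFactory) ticketFactory.get(SamlArtifactTicket.class);
    // Fail with a descriptive message instead of an anonymous NullPointerException: an artifact
    // ticket must never be issued without an authenticated session behind it. The message
    // deliberately carries no artifact or ticket values.
    val resolvedTicketGrantingTicket = Objects.requireNonNull(ticketGrantingTicket,
        "No ticket-granting ticket could be resolved from the cookie or the session store");
    val ticket = samlArtifactTicketFactory.create(artifact, resolvedTicketGrantingTicket.getAuthentication(),
        resolvedTicketGrantingTicket, issuerId, relyingPartyId, samlMessage);
    // NOTE(review): doUnchecked presumably rethrows checked failures from addTicket as unchecked
    // exceptions - confirm against FunctionUtils.
    FunctionUtils.doUnchecked(s -> ticketRegistry.addTicket(ticket));
}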
Also used : lombok.val(lombok.val) TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) JEEContext(org.pac4j.core.context.JEEContext) SamlArtifactTicket(org.apereo.cas.ticket.artifact.SamlArtifactTicket) SamlArtifactTicketFactory(org.apereo.cas.ticket.artifact.SamlArtifactTicketFactory)

Aggregations

lombok.val (lombok.val)2 SamlArtifactTicket (org.apereo.cas.ticket.artifact.SamlArtifactTicket)2 SamlArtifactTicketFactory (org.apereo.cas.ticket.artifact.SamlArtifactTicketFactory)2 UnauthorizedServiceException (org.apereo.cas.services.UnauthorizedServiceException)1 InvalidTicketException (org.apereo.cas.ticket.InvalidTicketException)1 TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket)1 ArtifactResolve (org.opensaml.saml.saml2.core.ArtifactResolve)1 JEEContext (org.pac4j.core.context.JEEContext)1 PostMapping (org.springframework.web.bind.annotation.PostMapping)1