use of org.codice.ddf.security.handler.SAMLAuthenticationToken in project ddf by codice.
the class IdpHandler method checkForAssertionInHttpHeader.
private HandlerResult checkForAssertionInHttpHeader(ServletRequest request) {
HttpServletRequest httpRequest = (HttpServletRequest) request;
String authHeader = ((HttpServletRequest) request).getHeader(SecurityConstants.SAML_HEADER_NAME);
HandlerResult handlerResult = new HandlerResultImpl();
// check for full SAML assertions coming in (federated requests, etc.)
if (authHeader != null) {
String[] tokenizedAuthHeader = authHeader.split(" ");
if (tokenizedAuthHeader.length == 2 && tokenizedAuthHeader[0].equals("SAML") && samlSecurity != null) {
String encodedSamlAssertion = tokenizedAuthHeader[1];
LOGGER.trace("Header retrieved");
try {
String tokenString = samlSecurity.inflateBase64(encodedSamlAssertion);
LOGGER.trace("Header value: {}", LogSanitizer.sanitize(tokenString));
SimplePrincipalCollection simplePrincipalCollection = new SimplePrincipalCollection();
simplePrincipalCollection.add(new SecurityAssertionSaml(SAMLUtils.getInstance().getSecurityTokenFromSAMLAssertion(tokenString)), "default");
SAMLAuthenticationToken samlToken = new SAMLAuthenticationToken(simplePrincipalCollection, simplePrincipalCollection, request.getRemoteAddr());
handlerResult.setToken(samlToken);
handlerResult.setStatus(HandlerResult.Status.COMPLETED);
} catch (IOException e) {
LOGGER.info("Unexpected error converting header value to string", e);
}
return handlerResult;
}
}
// Check for legacy SAML cookie
Map<String, Cookie> cookies = HttpUtils.getCookieMap(httpRequest);
Cookie samlCookie = cookies.get(SecurityConstants.SAML_COOKIE_NAME);
if (samlCookie != null && samlSecurity != null) {
String cookieValue = samlCookie.getValue();
LOGGER.trace("Cookie retrieved");
try {
String tokenString = samlSecurity.inflateBase64(cookieValue);
LOGGER.trace("Cookie value: {}", LogSanitizer.sanitize(tokenString));
Element thisToken = StaxUtils.read(new StringReader(tokenString)).getDocumentElement();
SimplePrincipalCollection simplePrincipalCollection = new SimplePrincipalCollection();
simplePrincipalCollection.add(new SecurityAssertionSaml(thisToken), "default");
SAMLAuthenticationToken samlToken = new SAMLAuthenticationToken(null, simplePrincipalCollection, request.getRemoteAddr());
handlerResult.setToken(samlToken);
handlerResult.setStatus(HandlerResult.Status.COMPLETED);
} catch (IOException e) {
LOGGER.info("Unexpected error converting cookie value to string - proceeding without SAML token.", e);
} catch (XMLStreamException e) {
LOGGER.info("Unexpected error converting XML string to element - proceeding without SAML token.", e);
}
return handlerResult;
}
return null;
}
Aggregations