use of org.keycloak.dom.saml.v2.protocol.RequestAbstractType in project keycloak by keycloak.
the class SAML2Request method convert.
/**
 * Serializes a SAML request object and parses the serialized form back into a DOM document.
 *
 * <p>Only {@code AuthnRequestType} and {@code LogoutRequestType} are written. For any other
 * subtype nothing is serialized, and the still-empty buffer is passed to
 * {@code DocumentUtil.getDocument} unchanged.
 *
 * @param rat the SAML request to convert
 * @return the DOM document built from the serialized request
 * @throws ProcessingException propagated from the writer or document helpers called here
 * @throws ParsingException propagated from the writer or document helpers called here
 * @throws ConfigurationException propagated from the writer or document helpers called here
 */
public static Document convert(RequestAbstractType rat) throws ProcessingException, ConfigurationException, ParsingException {
    ByteArrayOutputStream serialized = new ByteArrayOutputStream();
    SAMLRequestWriter requestWriter = new SAMLRequestWriter(StaxUtil.getXMLStreamWriter(serialized));

    // Dispatch on the concrete request type; the writer exposes one overload per type.
    boolean isAuthnRequest = rat instanceof AuthnRequestType;
    if (isAuthnRequest) {
        requestWriter.write((AuthnRequestType) rat);
    } else if (rat instanceof LogoutRequestType) {
        requestWriter.write((LogoutRequestType) rat);
    }
    // Any other subtype falls through with nothing written to the buffer.

    byte[] xmlBytes = serialized.toByteArray();
    String xml = new String(xmlBytes, GeneralConstants.SAML_CHARSET);
    return DocumentUtil.getDocument(xml);
}
use of org.keycloak.dom.saml.v2.protocol.RequestAbstractType in project keycloak by keycloak.
the class AbstractSamlAuthenticationHandler method handleSamlRequest.
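/**
 * Handles an incoming SAML request; only a logout request is accepted by this method.
 *
 * <p>The message is parsed with the redirect-binding parser when the HTTP method is GET and with
 * the POST-binding parser otherwise. The parsed object must be a {@code RequestAbstractType}, its
 * {@code Destination} must pass {@code destinationValidator}, and, when the IDP single-logout
 * configuration asks for it, the request signature is verified before the logout is processed.
 *
 * @param samlRequest the raw request value handed to the binding-specific parser
 * @param relayState relay state passed on to {@code logoutRequest}
 * @return the result of {@code logoutRequest} for a valid logout request, otherwise a failure outcome
 */
protected AuthOutcome handleSamlRequest(String samlRequest, String relayState) {
    SAMLDocumentHolder holder = null;
    boolean postBinding = false;
    String requestUri = facade.getRequest().getURI();
    if (facade.getRequest().getMethod().equalsIgnoreCase("GET")) {
        // Strip the query string so the destination comparison uses the endpoint URI only.
        int index = requestUri.indexOf('?');
        if (index > -1) {
            requestUri = requestUri.substring(0, index);
        }
        holder = SAMLRequestParser.parseRequestRedirectBinding(samlRequest);
    } else {
        postBinding = true;
        holder = SAMLRequestParser.parseRequestPostBinding(samlRequest);
    }
    if (holder == null) {
        log.error("Error parsing SAML document");
        return failedTerminal();
    }

    // The parsed object comes from the sender's message, so check its type before casting.
    // Anything that is not a SAML request (including null) is rejected here instead of
    // surfacing as a ClassCastException or NullPointerException further down.
    Object samlObject = holder.getSamlObject();
    if (!(samlObject instanceof RequestAbstractType)) {
        log.error("unknown SAML request type");
        return failedTerminal();
    }
    RequestAbstractType requestAbstractType = (RequestAbstractType) samlObject;

    // A message carrying an unencrypted signature must state its Destination.
    if (requestAbstractType.getDestination() == null && containsUnencryptedSignature(holder, postBinding)) {
        log.error("Destination field required.");
        return failed(CHALLENGE_EXTRACTION_FAILURE);
    }
    if (!destinationValidator.validate(requestUri, requestAbstractType.getDestination())) {
        // NOTE(review): the Destination value is taken from the not-yet-verified request and is
        // written to the log as is; confirm the logging backend neutralises line breaks.
        log.error("Expected destination '" + requestUri + "' got '" + requestAbstractType.getDestination() + "'");
        return failedTerminal();
    }
    if (requestAbstractType instanceof LogoutRequestType) {
        // Signature verification is driven by configuration: when validateRequestSignature()
        // is false the logout request is processed without a signature check.
        if (deployment.getIDP().getSingleLogoutService().validateRequestSignature()) {
            try {
                validateSamlSignature(holder, postBinding, GeneralConstants.SAML_REQUEST_KEY);
            } catch (VerificationException e) {
                log.error("Failed to verify saml request signature", e);
                return failedTerminal();
            }
        }
        LogoutRequestType logout = (LogoutRequestType) requestAbstractType;
        return logoutRequest(logout, relayState);
    } else {
        log.error("unknown SAML request type");
        return failedTerminal();
    }
}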
use of org.keycloak.dom.saml.v2.protocol.RequestAbstractType in project keycloak by keycloak.
the class SAML2Request method getRequestType.
/**
 * Reads a SAML request from an input stream and returns it as a typed request object.
 *
 * <p>The stream is parsed into a DOM document, the document is schema-validated, and only then
 * is it handed to the SAML parser. The parsed request and its document are also stored on this
 * instance in {@code samlDocumentHolder}.
 *
 * <p>NOTE(review): the stream usually carries data from the remote party; confirm that
 * {@code DocumentUtil.getDocument} parses with DTDs and external entities disabled.
 *
 * @param is stream containing the SAML request XML; must not be null
 * @return the parsed request
 * @throws ParsingException propagated from the document or SAML parsing helpers called here
 * @throws ConfigurationException propagated from the document or SAML parsing helpers called here
 * @throws ProcessingException propagated from the document or SAML parsing helpers called here
 * @throws IllegalArgumentException if the input stream is null (per the original documentation;
 *         the exception is built by {@code logger.nullArgumentError})
 */
public RequestAbstractType getRequestType(InputStream is) throws ParsingException, ConfigurationException, ProcessingException {
    if (is == null) {
        throw logger.nullArgumentError("InputStream");
    }

    Document parsedDocument = DocumentUtil.getDocument(is);
    SAMLParser parser = SAMLParser.getInstance();

    // Schema validation runs before the SAML parser sees the document.
    JAXPValidationUtil.checkSchemaValidation(parsedDocument);

    RequestAbstractType parsedRequest = (RequestAbstractType) parser.parse(parsedDocument);
    // Keep request and document together on the instance.
    samlDocumentHolder = new SAMLDocumentHolder(parsedRequest, parsedDocument);
    return parsedRequest;
}