Example 1 with SAMLObject
use of org.opensaml.common.SAMLObject in project MaxKey by dromara.
the class WebServicePostEncoder method encodeMsgContext.
@SuppressWarnings("rawtypes")
public VelocityContext encodeMsgContext(MessageContext messageContext) throws MessageEncodingException {
SAMLMessageContext samlMsgCtx = (SAMLMessageContext) messageContext;
SAMLObject outboundMessage = samlMsgCtx.getOutboundSAMLMessage();
if (outboundMessage == null) {
throw new MessageEncodingException("No outbound SAML message contained in message context");
}
signMessage(samlMsgCtx);
samlMsgCtx.setOutboundMessage(outboundMessage);
return encodeMsgContext(samlMsgCtx);
}
Also used :
SAMLMessageContext(org.opensaml.common.binding.SAMLMessageContext)
SAMLObject(org.opensaml.common.SAMLObject)
MessageEncodingException(org.opensaml.ws.message.encoder.MessageEncodingException)
Example 2 with SAMLObject
use of org.opensaml.common.SAMLObject in project entcore by opendigitaleducation.
the class SamlValidator method decryptAssertion.
private Assertion decryptAssertion(Response response) throws Exception {
EncryptedAssertion encryptedAssertion;
if (response.getEncryptedAssertions() != null && response.getEncryptedAssertions().size() == 1) {
encryptedAssertion = response.getEncryptedAssertions().get(0);
} else {
throw new ValidationException("Encrypted Assertion not found.");
}
BasicX509Credential decryptionCredential = new BasicX509Credential();
decryptionCredential.setPrivateKey(privateKey);
Decrypter decrypter = new Decrypter(null, new StaticKeyInfoCredentialResolver(decryptionCredential), new InlineEncryptedKeyResolver());
decrypter.setRootInNewDocument(true);
Assertion assertion = decrypter.decrypt(encryptedAssertion);
if (assertion != null && assertion.getSubject() != null && assertion.getSubject().getEncryptedID() != null) {
SAMLObject s = decrypter.decrypt(assertion.getSubject().getEncryptedID());
if (s instanceof BaseID) {
assertion.getSubject().setBaseID((BaseID) s);
} else if (s instanceof NameID) {
assertion.getSubject().setNameID((NameID) s);
}
assertion.getSubject().setEncryptedID(null);
}
if (assertion != null && assertion.getAttributeStatements() != null) {
for (AttributeStatement statement : assertion.getAttributeStatements()) {
for (EncryptedAttribute ea : statement.getEncryptedAttributes()) {
Attribute a = decrypter.decrypt(ea);
statement.getAttributes().add(a);
}
statement.getEncryptedAttributes().clear();
}
}
return assertion;
}
Also used :
ValidationException(org.opensaml.xml.validation.ValidationException)
SAMLObject(org.opensaml.common.SAMLObject)
Decrypter(org.opensaml.saml2.encryption.Decrypter)
StaticKeyInfoCredentialResolver(org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver)
BasicX509Credential(org.opensaml.xml.security.x509.BasicX509Credential)
InlineEncryptedKeyResolver(org.opensaml.xml.encryption.InlineEncryptedKeyResolver)
Aggregations
SAMLObject (org.opensaml.common.SAMLObject)2
SAMLMessageContext (org.opensaml.common.binding.SAMLMessageContext)1
Decrypter (org.opensaml.saml2.encryption.Decrypter)1
MessageEncodingException (org.opensaml.ws.message.encoder.MessageEncodingException)1
InlineEncryptedKeyResolver (org.opensaml.xml.encryption.InlineEncryptedKeyResolver)1
StaticKeyInfoCredentialResolver (org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver)1
BasicX509Credential (org.opensaml.xml.security.x509.BasicX509Credential)1
ValidationException (org.opensaml.xml.validation.ValidationException)1
