Example 11 with XMLObject

Use of org.opensaml.core.xml.XMLObject in project ddf by codice.

The class AssertionConsumerService, method extractSamlResponse.

private org.opensaml.saml.saml2.core.Response extractSamlResponse(String samlResponse) {
    org.opensaml.saml.saml2.core.Response response = null;
    try {
        // Parse the raw SAML response string into a DOM document (StAX-based reader).
        Document responseDoc = StaxUtils.read(new ByteArrayInputStream(samlResponse.getBytes(StandardCharsets.UTF_8)));
        // Unmarshal the DOM root element into the OpenSAML object model.
        XMLObject responseXmlObject = OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
        // Only accept a samlp:Response; any other SAML element leaves the result null.
        if (responseXmlObject instanceof org.opensaml.saml.saml2.core.Response) {
            response = (org.opensaml.saml.saml2.core.Response) responseXmlObject;
        }
    } catch (XMLStreamException | WSSecurityException e) {
        // Malformed XML or unmarshalling failure: log at debug level and return null to the caller.
        LOGGER.debug("Failed to convert AuthN response string to object.", e);
    }
    return response;
}
Also used: XMLObject (org.opensaml.core.xml.XMLObject), WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException), Document (org.w3c.dom.Document), Response (javax.ws.rs.core.Response), XMLStreamException (javax.xml.stream.XMLStreamException), ByteArrayInputStream (java.io.ByteArrayInputStream)

Example 12 with XMLObject

Use of org.opensaml.core.xml.XMLObject in project ddf by codice.

The class SimpleSignTest, method testSignSamlObjectThenModify.

@Test(expected = SimpleSign.SignatureException.class)
public void testSignSamlObjectThenModify() throws Exception {
    // Parse the canned SAML response and unmarshal it into an OpenSAML Response.
    Document responseDoc = StaxUtils.read(new ByteArrayInputStream(cannedResponse.getBytes()));
    XMLObject responseXmlObject = OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
    org.opensaml.saml.saml2.core.Response response = (org.opensaml.saml.saml2.core.Response) responseXmlObject;
    // Apply the enveloped XML signature to the Response element.
    simpleSign.signSamlObject(response);
    Document doc = DOMUtils.createDocument();
    Element requestElement = OpenSAMLUtil.toDom(response, doc);
    // Tamper with the signed element after signing: the reference digest no longer matches.
    requestElement.setAttribute("oops", "changedit");
    String responseMessage = DOM2Writer.nodeToString(requestElement);
    // Round-trip through serialization, as a relying party would receive it on the wire.
    responseDoc = StaxUtils.read(new ByteArrayInputStream(responseMessage.getBytes()));
    responseXmlObject = OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
    response = (org.opensaml.saml.saml2.core.Response) responseXmlObject;
    // Validation must reject the modified document; the test expects SignatureException.
    simpleSign.validateSignature(response.getSignature(), response.getDOM().getOwnerDocument());
}
Also used: ByteArrayInputStream (java.io.ByteArrayInputStream), Element (org.w3c.dom.Element), XMLObject (org.opensaml.core.xml.XMLObject), Document (org.w3c.dom.Document), Test (org.junit.Test)

Example 13 with XMLObject

Use of org.opensaml.core.xml.XMLObject in project ddf by codice.

The class SimpleSignTest, method testSignSamlObject.

@Test
public void testSignSamlObject() throws Exception {
    // Parse the canned SAML response and unmarshal it into an OpenSAML Response.
    Document responseDoc = StaxUtils.read(new ByteArrayInputStream(cannedResponse.getBytes()));
    XMLObject responseXmlObject = OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
    org.opensaml.saml.saml2.core.Response response = (org.opensaml.saml.saml2.core.Response) responseXmlObject;
    // Apply the enveloped XML signature to the Response element.
    simpleSign.signSamlObject(response);
    Document doc = DOMUtils.createDocument();
    Element requestElement = OpenSAMLUtil.toDom(response, doc);
    // Serialize and re-parse without modification; the signature must survive the round trip.
    String responseMessage = DOM2Writer.nodeToString(requestElement);
    responseDoc = StaxUtils.read(new ByteArrayInputStream(responseMessage.getBytes()));
    responseXmlObject = OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
    response = (org.opensaml.saml.saml2.core.Response) responseXmlObject;
    // Untampered document: validation succeeds and no exception is thrown.
    simpleSign.validateSignature(response.getSignature(), response.getDOM().getOwnerDocument());
}
Also used: ByteArrayInputStream (java.io.ByteArrayInputStream), Element (org.w3c.dom.Element), XMLObject (org.opensaml.core.xml.XMLObject), Document (org.w3c.dom.Document), Test (org.junit.Test)

Example 14 with XMLObject

Use of org.opensaml.core.xml.XMLObject in project ddf by codice.

The class PaosInInterceptor, method checkSamlpResponse.

private void checkSamlpResponse(SOAPPart soapRequest) throws IOException {
    XMLObject responseXmlObj = null;
    try {
        // The SAML Response is expected as the first child of the SOAP Body (PAOS binding).
        Node node = soapRequest.getEnvelope().getBody().getFirstChild();
        responseXmlObj = SamlProtocol.getXmlObjectFromNode(node);
    } catch (WSSecurityException | SOAPException | XMLStreamException ex) {
        throw new IOException("Unable to convert Response document to XMLObject.");
    }
    // Reject an empty body rather than dereferencing null later.
    if (responseXmlObj == null) {
        throw new IOException("Response object is not Found.");
    }
    // Reject any SAML element that is not a samlp:Response before it is processed further.
    if (!(responseXmlObj instanceof org.opensaml.saml.saml2.core.Response)) {
        throw new IOException("SAMLRequest object is not org.opensaml.saml.saml2.core.Response.");
    }
}
Also used: HttpResponse (com.google.api.client.http.HttpResponse), Response (ddf.security.liberty.paos.Response), XMLStreamException (javax.xml.stream.XMLStreamException), Node (org.w3c.dom.Node), SOAPException (javax.xml.soap.SOAPException), XMLObject (org.opensaml.core.xml.XMLObject), WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException), IOException (java.io.IOException)

Example 15 with XMLObject

Use of org.opensaml.core.xml.XMLObject in project ddf by codice.

The class AbstractAuthorizingRealm, method expandAttributes.

/**
 * Takes an {@link org.opensaml.saml.saml2.core.Attribute} and utilizes the
 * {@link ddf.security.expansion.Expansion} service to potentially expand it to a
 * different/enhanced set of attributes. This expansion is controlled by the configuration of
 * the expansion service but relies on the name of this attribute as a key. The returned set of
 * Strings represents the possibly expanded set of attributes to be added to the current
 * permissions.
 *
 * @param attribute current attribute whose values are to be potentially expanded
 * @param expansions expansion services applied in order, each receiving the previous result
 * @return a set of potentially expanded values
 */
private Set<String> expandAttributes(Attribute attribute, Collection<Expansion> expansions) {
    Set<String> attributeSet = new HashSet<>();
    String attributeName = attribute.getName();
    // Collect only xs:string attribute values; other XMLObject value types are skipped.
    for (XMLObject curValue : attribute.getAttributeValues()) {
        if (curValue instanceof XSString) {
            attributeSet.add(((XSString) curValue).getValue());
        } else {
            LOGGER.debug("Unexpected attribute type (non-string) for attribute named {} - ignored", attributeName);
        }
    }
    // Chain the expansion services: each one expands the set produced by the previous one.
    for (Expansion expansionService : expansions) {
        LOGGER.debug("Expanding attributes for {} - original values: {}", attributeName, attributeSet);
        attributeSet = expansionService.expand(attributeName, attributeSet);
    }
    LOGGER.debug("Expanded attributes for {} - values: {}", attributeName, attributeSet);
    return attributeSet;
}
Also used: XMLObject (org.opensaml.core.xml.XMLObject), XSString (org.opensaml.core.xml.schema.XSString), Expansion (ddf.security.expansion.Expansion), HashSet (java.util.HashSet)
