Example 61 with Response
use of org.opensaml.saml.saml2.core.Response in project cas by apereo.
the class SSOSamlProfileCallbackHandlerController method validateRequestAndBuildCasAssertion.
private Assertion validateRequestAndBuildCasAssertion(final HttpServletResponse response, final HttpServletRequest request, final Pair<AuthnRequest, MessageContext> pair) throws Exception {
final AuthnRequest authnRequest = pair.getKey();
final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
this.ticketValidator.setRenew(authnRequest.isForceAuthn());
final String serviceUrl = constructServiceUrl(request, response, pair);
LOGGER.trace("Created service url for validation: [{}]", serviceUrl);
final Assertion assertion = this.ticketValidator.validate(ticket, serviceUrl);
logCasValidationAssertion(assertion);
return assertion;
}
Also used :
AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest)
Assertion(org.jasig.cas.client.validation.Assertion)
Example 62 with Response
use of org.opensaml.saml.saml2.core.Response in project cas by apereo.
the class AbstractSaml20ObjectBuilder method newAssertion.
/**
* Create a new SAML1 response object.
*
* @param authnStatement the authn statement
* @param issuer the issuer
* @param issuedAt the issued at
* @param id the id
* @return the assertion
*/
public Assertion newAssertion(final List<Statement> authnStatement, final String issuer, final ZonedDateTime issuedAt, final String id) {
final Assertion assertion = newSamlObject(Assertion.class);
assertion.setID(id);
assertion.setIssueInstant(DateTimeUtils.dateTimeOf(issuedAt));
assertion.setIssuer(newIssuer(issuer));
assertion.getStatements().addAll(authnStatement);
return assertion;
}
Also used :
Assertion(org.opensaml.saml.saml2.core.Assertion)
Example 63 with Response
use of org.opensaml.saml.saml2.core.Response in project cas by apereo.
the class SamlResponseAuditResourceResolver method getPrincipalIdFromSamlEcpResponse.
private String[] getPrincipalIdFromSamlEcpResponse(final Envelope envelope) {
final List<XMLObject> objects = envelope.getBody().getUnknownXMLObjects();
if (objects.isEmpty()) {
return new String[] {};
}
final XMLObject object = objects.get(0);
if (object instanceof Response) {
return getPrincipalIdFromSamlResponse((Response) object);
}
if (object instanceof Fault) {
return getPrincipalIdFromSamlEcpFault((Fault) object);
}
return new String[] {};
}Example 64 with Response
use of org.opensaml.saml.saml2.core.Response in project cas by apereo.
the class AbstractSamlProfileHandlerController method constructServiceUrl.
/**
* Construct service url string.
*
* @param request the request
* @param response the response
* @param pair the pair
* @return the string
* @throws SamlException the saml exception
*/
@SneakyThrows
protected String constructServiceUrl(final HttpServletRequest request, final HttpServletResponse response, final Pair<? extends SignableSAMLObject, MessageContext> pair) throws SamlException {
final AuthnRequest authnRequest = AuthnRequest.class.cast(pair.getLeft());
final MessageContext messageContext = pair.getRight();
try (StringWriter writer = SamlUtils.transformSamlObject(this.configBean, authnRequest)) {
final URLBuilder builder = new URLBuilder(this.callbackService.getId());
builder.getQueryParams().add(new net.shibboleth.utilities.java.support.collection.Pair<>(SamlProtocolConstants.PARAMETER_ENTITY_ID, SamlIdPUtils.getIssuerFromSamlRequest(authnRequest)));
final String samlRequest = EncodingUtils.encodeBase64(writer.toString().getBytes(StandardCharsets.UTF_8));
builder.getQueryParams().add(new net.shibboleth.utilities.java.support.collection.Pair<>(SamlProtocolConstants.PARAMETER_SAML_REQUEST, samlRequest));
builder.getQueryParams().add(new net.shibboleth.utilities.java.support.collection.Pair<>(SamlProtocolConstants.PARAMETER_SAML_RELAY_STATE, SAMLBindingSupport.getRelayState(messageContext)));
final String url = builder.buildURL();
LOGGER.trace("Built service callback url [{}]", url);
return CommonUtils.constructServiceUrl(request, response, url, casProperties.getServer().getName(), CasProtocolConstants.PARAMETER_SERVICE, CasProtocolConstants.PARAMETER_TICKET, false);
}
}
Also used :
AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest)
StringWriter(java.io.StringWriter)
MessageContext(org.opensaml.messaging.context.MessageContext)
URLBuilder(net.shibboleth.utilities.java.support.net.URLBuilder)
SneakyThrows(lombok.SneakyThrows)
Example 65 with Response
use of org.opensaml.saml.saml2.core.Response in project cas by apereo.
the class AbstractSamlProfileHandlerController method issueAuthenticationRequestRedirect.
/**
* Redirect request for authentication.
*
* @param pair the pair
* @param request the request
* @param response the response
* @throws Exception the exception
*/
protected void issueAuthenticationRequestRedirect(final Pair<? extends SignableSAMLObject, MessageContext> pair, final HttpServletRequest request, final HttpServletResponse response) throws Exception {
final AuthnRequest authnRequest = AuthnRequest.class.cast(pair.getLeft());
final String serviceUrl = constructServiceUrl(request, response, pair);
LOGGER.debug("Created service url [{}]", serviceUrl);
final String initialUrl = CommonUtils.constructRedirectUrl(casProperties.getServer().getLoginUrl(), CasProtocolConstants.PARAMETER_SERVICE, serviceUrl, authnRequest.isForceAuthn(), authnRequest.isPassive());
final String urlToRedirectTo = buildRedirectUrlByRequestedAuthnContext(initialUrl, authnRequest, request);
LOGGER.debug("Redirecting SAML authN request to [{}]", urlToRedirectTo);
final AuthenticationRedirectStrategy authenticationRedirectStrategy = new DefaultAuthenticationRedirectStrategy();
authenticationRedirectStrategy.redirect(request, response, urlToRedirectTo);
}
Also used :
DefaultAuthenticationRedirectStrategy(org.jasig.cas.client.authentication.DefaultAuthenticationRedirectStrategy)
AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest)
DefaultAuthenticationRedirectStrategy(org.jasig.cas.client.authentication.DefaultAuthenticationRedirectStrategy)
AuthenticationRedirectStrategy(org.jasig.cas.client.authentication.AuthenticationRedirectStrategy)
Aggregations
Response (org.opensaml.saml.saml2.core.Response)82
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)41
Test (org.junit.Test)41
Element (org.w3c.dom.Element)36
Document (org.w3c.dom.Document)32
DateTime (org.joda.time.DateTime)31
Status (org.opensaml.saml.saml2.core.Status)30
Response (javax.ws.rs.core.Response)29
ResponseBuilder.aResponse (uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse)27
LogoutResponse (org.opensaml.saml.saml2.core.LogoutResponse)25
SamlAssertionWrapper (org.apache.wss4j.common.saml.SamlAssertionWrapper)23
SamlValidationResponse (uk.gov.ida.saml.core.validation.SamlValidationResponse)21
Matchers.anyString (org.mockito.Matchers.anyString)20
SAMLCallback (org.apache.wss4j.common.saml.SAMLCallback)18
SubjectConfirmationDataBean (org.apache.wss4j.common.saml.bean.SubjectConfirmationDataBean)18
Assertion (org.opensaml.saml.saml2.core.Assertion)18
AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)18
IOException (java.io.IOException)16
InputStream (java.io.InputStream)15
HttpServletResponse (javax.servlet.http.HttpServletResponse)13
