Example 6 with Response

use of org.opensaml.saml.saml2.core.Response in project cas by apereo.

the class SSOPostProfileCallbackHandlerController method validateRequestAndBuildCasAssertion.

private Assertion validateRequestAndBuildCasAssertion(final HttpServletResponse response, final HttpServletRequest request, final Pair<AuthnRequest, MessageContext> pair) throws Exception {
    final AuthnRequest authnRequest = pair.getKey();
    final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
    final Cas30ServiceTicketValidator validator = new Cas30ServiceTicketValidator(this.serverPrefix);
    validator.setRenew(authnRequest.isForceAuthn());
    final String serviceUrl = constructServiceUrl(request, response, pair);
    LOGGER.debug("Created service url for validation: [{}]", serviceUrl);
    final Assertion assertion = validator.validate(ticket, serviceUrl);
    logCasValidationAssertion(assertion);
    return assertion;
}
Also used : Cas30ServiceTicketValidator(org.jasig.cas.client.validation.Cas30ServiceTicketValidator) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) Assertion(org.jasig.cas.client.validation.Assertion)

Example 7 with Response

use of org.opensaml.saml.saml2.core.Response in project cas by apereo.

the class AbstractSaml20ObjectBuilder method newSubject.

/**
 * New subject element.
 *
 * @param nameIdFormat the name id format
 * @param nameIdValue  the name id value
 * @param recipient    the recipient
 * @param notOnOrAfter the not on or after
 * @param inResponseTo the in response to
 * @return the subject
 */
public Subject newSubject(final String nameIdFormat, final String nameIdValue, final String recipient, final ZonedDateTime notOnOrAfter, final String inResponseTo) {
    final SubjectConfirmation confirmation = newSamlObject(SubjectConfirmation.class);
    confirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
    final SubjectConfirmationData data = newSamlObject(SubjectConfirmationData.class);
    data.setRecipient(recipient);
    data.setNotOnOrAfter(DateTimeUtils.dateTimeOf(notOnOrAfter));
    data.setInResponseTo(inResponseTo);
    confirmation.setSubjectConfirmationData(data);
    final Subject subject = newSamlObject(Subject.class);
    subject.setNameID(getNameID(nameIdFormat, nameIdValue));
    subject.getSubjectConfirmations().add(confirmation);
    return subject;
}
Also used : SubjectConfirmation(org.opensaml.saml.saml2.core.SubjectConfirmation) SubjectConfirmationData(org.opensaml.saml.saml2.core.SubjectConfirmationData) Subject(org.opensaml.saml.saml2.core.Subject)

Example 8 with Response

use of org.opensaml.saml.saml2.core.Response in project ddf by codice.

the class LogoutRequestService method getSamlpPostLogoutRequest.

private Response getSamlpPostLogoutRequest(String relayState, LogoutRequest logoutRequest) throws SimpleSign.SignatureException, WSSecurityException {
    LOGGER.debug("Configuring SAML LogoutRequest for POST.");
    Document doc = DOMUtils.createDocument();
    doc.appendChild(doc.createElement("root"));
    LOGGER.debug("Signing SAML POST LogoutRequest.");
    simpleSign.signSamlObject(logoutRequest);
    LOGGER.debug("Converting SAML Request to DOM");
    String assertionResponse = DOM2Writer.nodeToString(OpenSAMLUtil.toDom(logoutRequest, doc));
    String encodedSamlRequest = Base64.getEncoder().encodeToString(assertionResponse.getBytes(StandardCharsets.UTF_8));
    String singleLogoutLocation = idpMetadata.getSingleLogoutLocation();
    String submitFormUpdated = String.format(submitForm, singleLogoutLocation, SAML_REQUEST, encodedSamlRequest, relayState);
    Response.ResponseBuilder ok = Response.ok(submitFormUpdated);
    return ok.build();
}
Also used : Response(javax.ws.rs.core.Response) LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse) Document(org.w3c.dom.Document)

Example 9 with Response

use of org.opensaml.saml.saml2.core.Response in project ddf by codice.

the class LogoutRequestService method getSamlpRedirectLogoutRequest.

private Response getSamlpRedirectLogoutRequest(String relayState, LogoutRequest logoutRequest) throws IOException, SimpleSign.SignatureException, WSSecurityException, URISyntaxException {
    LOGGER.debug("Configuring SAML Response for Redirect.");
    Document doc = DOMUtils.createDocument();
    doc.appendChild(doc.createElement("root"));
    URI location = logoutMessage.signSamlGetRequest(logoutRequest, new URI(idpMetadata.getSingleLogoutLocation()), relayState);
    String redirectUpdated = String.format(redirectPage, location.toString());
    Response.ResponseBuilder ok = Response.ok(redirectUpdated);
    return ok.build();
}
Also used : Response(javax.ws.rs.core.Response) LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse) Document(org.w3c.dom.Document) URI(java.net.URI)

Example 10 with Response

use of org.opensaml.saml.saml2.core.Response in project ddf by codice.

the class LoginFilter method createSamlResponse.

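/**
 * Creates the SAML response that we use for validation against the CXF
 * code.
 *
 * @param inResponseTo the value set as the response's InResponseTo attribute
 * @param issuer       the issuer value passed to createIssuer
 * @param status       the SAML status to set on the response
 * @return the newly built SAML 2.0 Response
 */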
private static Response createSamlResponse(String inResponseTo, String issuer, Status status) {
    if (responseBuilder == null) {
        responseBuilder = (SAMLObjectBuilder<Response>) builderFactory.getBuilder(Response.DEFAULT_ELEMENT_NAME);
    }
    Response response = responseBuilder.buildObject();
    response.setID(UUID.randomUUID().toString());
    response.setIssueInstant(new DateTime());
    response.setInResponseTo(inResponseTo);
    response.setIssuer(createIssuer(issuer));
    response.setStatus(status);
    response.setVersion(SAMLVersion.VERSION_20);
    return response;
}
Also used : Response(org.opensaml.saml.saml2.core.Response) ServletResponse(javax.servlet.ServletResponse) DateTime(org.joda.time.DateTime)
