use of org.opensaml.saml.saml2.core.Response in project cas by apereo.
the class SSOPostProfileCallbackHandlerController method validateRequestAndBuildCasAssertion.
/**
 * Validates the CAS service ticket carried on the callback request and returns the
 * resulting CAS assertion.
 *
 * <p>The ticket is read from the {@code CasProtocolConstants.PARAMETER_TICKET} request
 * parameter and validated through a validator built on {@code this.serverPrefix}, together
 * with the service URL rebuilt by {@code constructServiceUrl}. The validator's renew flag
 * mirrors the {@code ForceAuthn} value of the SAML authentication request.
 *
 * @param response the HTTP response, passed through to {@code constructServiceUrl}
 * @param request  the HTTP request carrying the ticket parameter
 * @param pair     the SAML authentication request and its message context
 * @return the assertion produced by ticket validation
 * @throws Exception propagated from building the service URL or validating the ticket
 */
private Assertion validateRequestAndBuildCasAssertion(final HttpServletResponse response,
                                                      final HttpServletRequest request,
                                                      final Pair<AuthnRequest, MessageContext> pair) throws Exception {
    final AuthnRequest samlRequest = pair.getKey();

    // The ticket is taken from the request as-is: no emptiness or format check happens
    // here, so rejecting a missing or malformed value is left to validate(...) below.
    final String serviceTicket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);

    final Cas30ServiceTicketValidator ticketValidator = new Cas30ServiceTicketValidator(this.serverPrefix);
    // ForceAuthn on the SAML request is carried over as the validator's renew setting.
    ticketValidator.setRenew(samlRequest.isForceAuthn());

    // The same service URL is logged and then handed to the validator.
    final String validationServiceUrl = constructServiceUrl(request, response, pair);
    LOGGER.debug("Created service url for validation: [{}]", validationServiceUrl);

    final Assertion casAssertion = ticketValidator.validate(serviceTicket, validationServiceUrl);
    logCasValidationAssertion(casAssertion);
    return casAssertion;
}
use of org.opensaml.saml.saml2.core.Response in project cas by apereo.
the class AbstractSaml20ObjectBuilder method newSubject.
/**
 * Builds a SAML {@code Subject} holding a name identifier and one bearer subject
 * confirmation.
 *
 * <p>The confirmation data carries the recipient, the {@code NotOnOrAfter} instant and the
 * {@code InResponseTo} request id. A relying party can use these to check that a bearer
 * assertion was addressed to it, has not expired and answers a request it sent. None of
 * the arguments is validated here.
 *
 * @param nameIdFormat the format passed to {@code getNameID}
 * @param nameIdValue  the value passed to {@code getNameID}
 * @param recipient    the recipient set on the confirmation data
 * @param notOnOrAfter the expiry instant, converted with {@code DateTimeUtils.dateTimeOf}
 * @param inResponseTo the request id set on the confirmation data
 * @return the assembled subject
 */
public Subject newSubject(final String nameIdFormat, final String nameIdValue, final String recipient,
                          final ZonedDateTime notOnOrAfter, final String inResponseTo) {
    final SubjectConfirmation bearerConfirmation = newSamlObject(SubjectConfirmation.class);
    bearerConfirmation.setMethod(SubjectConfirmation.METHOD_BEARER);

    // Recipient, expiry and request correlation all live on the confirmation data.
    final SubjectConfirmationData confirmationData = newSamlObject(SubjectConfirmationData.class);
    confirmationData.setRecipient(recipient);
    confirmationData.setNotOnOrAfter(DateTimeUtils.dateTimeOf(notOnOrAfter));
    confirmationData.setInResponseTo(inResponseTo);
    bearerConfirmation.setSubjectConfirmationData(confirmationData);

    final Subject result = newSamlObject(Subject.class);
    result.setNameID(getNameID(nameIdFormat, nameIdValue));
    result.getSubjectConfirmations().add(bearerConfirmation);
    return result;
}
use of org.opensaml.saml.saml2.core.Response in project ddf by codice.
the class LogoutRequestService method getSamlpPostLogoutRequest.
/**
 * Builds the HTTP response that delivers a SAML logout request with the POST binding.
 *
 * <p>The logout request is signed, serialised to XML, Base64-encoded and substituted into
 * the {@code submitForm} template together with the IdP single-logout location, the
 * {@code SAML_REQUEST} constant and the relay state.
 *
 * @param relayState    the relay state substituted into the form
 * @param logoutRequest the logout request; it is signed by this method before serialisation
 * @return an OK response whose entity is the filled-in form
 * @throws SimpleSign.SignatureException propagated from signing
 * @throws WSSecurityException           propagated from the DOM conversion
 */
private Response getSamlpPostLogoutRequest(String relayState, LogoutRequest logoutRequest)
        throws SimpleSign.SignatureException, WSSecurityException {
    LOGGER.debug("Configuring SAML LogoutRequest for POST.");
    // Owner document with a placeholder root element, handed to the DOM conversion below.
    Document ownerDocument = DOMUtils.createDocument();
    ownerDocument.appendChild(ownerDocument.createElement("root"));

    LOGGER.debug("Signing SAML POST LogoutRequest.");
    simpleSign.signSamlObject(logoutRequest);

    LOGGER.debug("Converting SAML Request to DOM");
    // Signing comes before serialisation, presumably so the XML that is sent carries the signature.
    String logoutRequestXml = DOM2Writer.nodeToString(OpenSAMLUtil.toDom(logoutRequest, ownerDocument));
    byte[] logoutRequestBytes = logoutRequestXml.getBytes(StandardCharsets.UTF_8);
    String encodedSamlRequest = Base64.getEncoder().encodeToString(logoutRequestBytes);

    // NOTE(review): the single-logout location and relayState are substituted into the
    // template without any escaping in this method. If submitForm is HTML, confirm both
    // values are escaped or constrained before they reach this point.
    String formHtml = String.format(submitForm, idpMetadata.getSingleLogoutLocation(), SAML_REQUEST,
            encodedSamlRequest, relayState);
    return Response.ok(formHtml).build();
}
use of org.opensaml.saml.saml2.core.Response in project ddf by codice.
the class LogoutRequestService method getSamlpRedirectLogoutRequest.
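/**
 * Builds the HTTP response that delivers a SAML logout request with the Redirect binding.
 *
 * <p>The signed request URI is produced by {@code logoutMessage.signSamlGetRequest} from the
 * logout request, the IdP single-logout location and the relay state, and is then
 * substituted into the {@code redirectPage} template.
 *
 * @param relayState    the relay state passed to the signing call
 * @param logoutRequest the logout request to send
 * @return an OK response whose entity is the filled-in redirect page
 * @throws IOException                   propagated from building the signed request
 * @throws SimpleSign.SignatureException propagated from signing
 * @throws WSSecurityException           propagated from building the signed request
 * @throws URISyntaxException            if the IdP single-logout location is not a valid URI
 */
private Response getSamlpRedirectLogoutRequest(String relayState, LogoutRequest logoutRequest)
        throws IOException, SimpleSign.SignatureException, WSSecurityException, URISyntaxException {
    LOGGER.debug("Configuring SAML Response for Redirect.");

    // No DOM document is needed on this path: the signed request comes back as a URI.
    URI idpLogoutEndpoint = new URI(idpMetadata.getSingleLogoutLocation());
    URI location = logoutMessage.signSamlGetRequest(logoutRequest, idpLogoutEndpoint, relayState);

    // NOTE(review): the URI is substituted into the template without escaping in this
    // method. If redirectPage is HTML or script, confirm the value is encoded for that
    // context, since the location originates from IdP metadata and the relay state.
    String redirectUpdated = String.format(redirectPage, location.toString());
    return Response.ok(redirectUpdated).build();
}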
use of org.opensaml.saml.saml2.core.Response in project ddf by codice.
the class LoginFilter method createSamlResponse.
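/**
 * Creates the SAML response that we use for validation against the CXF code.
 *
 * <p>The response receives a freshly generated random ID, the current time as its issue
 * instant and SAML version 2.0. The remaining values are taken from the arguments.
 *
 * @param inResponseTo value for the response's InResponseTo attribute
 * @param issuer       issuer value, converted with {@code createIssuer}
 * @param status       status to set on the response
 * @return the populated response
 */
private static Response createSamlResponse(String inResponseTo, String issuer, Status status) {
    // NOTE(review): this lazy initialisation of a static field is not synchronized, so
    // concurrent first calls may each look the builder up. Confirm that is acceptable.
    if (responseBuilder == null) {
        responseBuilder = (SAMLObjectBuilder<Response>) builderFactory.getBuilder(Response.DEFAULT_ELEMENT_NAME);
    }
    Response response = responseBuilder.buildObject();
    // The SAML ID attribute is an xs:ID, which must not begin with a digit. A bare UUID
    // string often does, so it is prefixed with an underscore to keep the ID schema-valid.
    response.setID("_" + UUID.randomUUID().toString());
    response.setIssueInstant(new DateTime());
    response.setInResponseTo(inResponseTo);
    response.setIssuer(createIssuer(issuer));
    response.setStatus(status);
    response.setVersion(SAMLVersion.VERSION_20);
    return response;
}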