use of org.opensaml.saml.saml2.core.Response in project ddf by codice.
the class LoginFilter method createStatus.
/**
* Creates the status object for the response.
*
* @param statusCodeValue
* @param statusMessage
* @return Status
*/
private static Status createStatus(String statusCodeValue, String statusMessage) {
if (statusBuilder == null) {
statusBuilder = (SAMLObjectBuilder<Status>) builderFactory.getBuilder(Status.DEFAULT_ELEMENT_NAME);
}
if (statusCodeBuilder == null) {
statusCodeBuilder = (SAMLObjectBuilder<StatusCode>) builderFactory.getBuilder(StatusCode.DEFAULT_ELEMENT_NAME);
}
if (statusMessageBuilder == null) {
statusMessageBuilder = (SAMLObjectBuilder<StatusMessage>) builderFactory.getBuilder(StatusMessage.DEFAULT_ELEMENT_NAME);
}
Status status = statusBuilder.buildObject();
StatusCode statusCode = statusCodeBuilder.buildObject();
statusCode.setValue(statusCodeValue);
status.setStatusCode(statusCode);
if (statusMessage != null) {
StatusMessage statusMessageObject = statusMessageBuilder.buildObject();
statusMessageObject.setMessage(statusMessage);
status.setStatusMessage(statusMessageObject);
}
return status;
}
use of org.opensaml.saml.saml2.core.Response in project ddf by codice.
the class SamlProtocolTest method testCreateResponse.
@Test
public void testCreateResponse() throws WSSecurityException {
Response response = SamlProtocol.createResponse(SamlProtocol.createIssuer("myissuer"), SamlProtocol.createStatus("mystatus"), "myid", null);
assertEquals("myissuer", response.getIssuer().getValue());
assertEquals("mystatus", response.getStatus().getStatusCode().getValue());
assertEquals("myid", response.getInResponseTo());
}
use of org.opensaml.saml.saml2.core.Response in project ddf by codice.
the class SoapResponseCreator method createEcpResponse.
private String createEcpResponse(AuthnRequest authnRequest) throws WSSecurityException {
ResponseBuilder responseBuilder = new ResponseBuilder();
org.opensaml.saml.saml2.ecp.Response response = responseBuilder.buildObject();
response.setSOAP11Actor(HTTP_SCHEMAS_XMLSOAP_ORG_SOAP_ACTOR_NEXT);
response.setSOAP11MustUnderstand(true);
response.setAssertionConsumerServiceURL(getAssertionConsumerServiceURL(authnRequest));
return convertXmlObjectToString(response);
}
use of org.opensaml.saml.saml2.core.Response in project ddf by codice.
the class IdpEndpoint method processPostLogout.
@Override
@POST
@Path("/logout")
public Response processPostLogout(@FormParam(SAML_REQ) final String samlRequest, @FormParam(SAML_RESPONSE) final String samlResponse, @FormParam(RELAY_STATE) final String relayState, @Context final HttpServletRequest request) throws WSSecurityException, IdpException {
LogoutState logoutState = getLogoutState(request);
Cookie cookie = getCookie(request);
try {
if (samlRequest != null) {
LogoutRequest logoutRequest = logoutMessage.extractSamlLogoutRequest(RestSecurity.inflateBase64(samlRequest));
validatePost(request, logoutRequest);
return handleLogoutRequest(cookie, logoutState, logoutRequest, SamlProtocol.Binding.HTTP_POST, relayState);
} else if (samlResponse != null) {
LogoutResponse logoutResponse = logoutMessage.extractSamlLogoutResponse(RestSecurity.inflateBase64(samlResponse));
String requestId = logoutState != null ? logoutState.getCurrentRequestId() : null;
validatePost(request, logoutResponse, requestId);
return handleLogoutResponse(cookie, logoutState, logoutResponse, SamlProtocol.Binding.HTTP_POST);
}
} catch (IOException | XMLStreamException e) {
throw new IdpException("Unable to inflate Saml Object", e);
} catch (ValidationException e) {
throw new IdpException("Unable to validate Saml Object", e);
}
throw new IdpException("Unable to process logout");
}
use of org.opensaml.saml.saml2.core.Response in project ddf by codice.
the class IdpEndpoint method continueLogout.
private Response continueLogout(LogoutState logoutState, Cookie cookie, SamlProtocol.Binding incomingBinding) throws IdpException {
if (logoutState == null) {
throw new IdpException("Cannot continue a Logout that doesn't exist!");
}
try {
SignableSAMLObject logoutObject;
String relay = "";
String entityId = "";
SamlProtocol.Type samlType;
Optional<String> nextTarget = logoutState.getNextTarget();
if (nextTarget.isPresent()) {
// Another target exists, log them out
entityId = nextTarget.get();
if (logoutState.getOriginalIssuer().equals(entityId)) {
return continueLogout(logoutState, cookie, incomingBinding);
}
LogoutRequest logoutRequest = logoutMessage.buildLogoutRequest(logoutState.getNameId(), SystemBaseUrl.constructUrl("/idp/logout", true));
logoutState.setCurrentRequestId(logoutRequest.getID());
logoutObject = logoutRequest;
samlType = SamlProtocol.Type.REQUEST;
relay = "";
} else {
// No more targets, respond to original issuer
entityId = logoutState.getOriginalIssuer();
String status = logoutState.isPartialLogout() ? StatusCode.PARTIAL_LOGOUT : StatusCode.SUCCESS;
logoutObject = logoutMessage.buildLogoutResponse(SystemBaseUrl.constructUrl("/idp/logout", true), status, logoutState.getOriginalRequestId());
relay = logoutState.getInitialRelayState();
LogoutState decode = logoutStates.decode(cookie.getValue(), true);
samlType = SamlProtocol.Type.RESPONSE;
}
LOGGER.debug("Responding to [{}] with a [{}] and relay state [{}]", entityId, samlType, relay);
EntityInformation.ServiceInfo entityServiceInfo = serviceProviders.get(entityId).getLogoutService(incomingBinding);
if (entityServiceInfo == null) {
LOGGER.info("Could not find entity service info for {}", entityId);
return continueLogout(logoutState, cookie, incomingBinding);
}
switch(entityServiceInfo.getBinding()) {
case HTTP_REDIRECT:
return getSamlRedirectResponse(logoutObject, entityServiceInfo.getUrl(), relay, samlType);
case HTTP_POST:
return getSamlPostResponse(logoutObject, entityServiceInfo.getUrl(), relay, samlType);
default:
LOGGER.debug("No supported binding available for SP [{}].", entityId);
logoutState.setPartialLogout(true);
return continueLogout(logoutState, cookie, incomingBinding);
}
} catch (WSSecurityException | SimpleSign.SignatureException | IOException e) {
LOGGER.debug("Error while processing logout", e);
}
throw new IdpException("Server error while processing logout");
}
Aggregations