use of org.opensaml.saml.saml2.core.Status in project ddf by codice.
the class SamlProtocol method createResponse.
/**
 * Builds a SAML 2.0 {@code Response} for the given issuer and status, optionally
 * embedding one assertion.
 *
 * <p>The response gets a fresh random ID, the current time as its issue instant, and
 * {@code requestId} as its {@code InResponseTo} value (set unconditionally, so a
 * {@code null} request ID is passed straight through). This method performs no signing
 * and no validation of the supplied assertion.
 *
 * @param issuer        issuer placed on the response
 * @param status        status placed on the response
 * @param requestId     ID of the request being answered; copied into {@code InResponseTo} as-is
 * @param samlAssertion DOM element of the assertion to embed, or {@code null} for none
 * @return the populated response
 * @throws WSSecurityException presumably raised while wrapping {@code samlAssertion};
 *         the wrapper's contract is not visible here
 */
public static Response createResponse(Issuer issuer, Status status, String requestId, Element samlAssertion) throws WSSecurityException {
    final Response samlResponse = responseSAMLObjectBuilder.buildObject();
    samlResponse.setIssuer(issuer);
    samlResponse.setStatus(status);

    // The leading underscore keeps the value a legal xs:ID, which may not start with a
    // digit. UUID.randomUUID() is backed by a cryptographically strong generator, so the
    // ID is both unique and hard to guess.
    final String responseId = "_" + UUID.randomUUID();
    samlResponse.setID(responseId);

    samlResponse.setIssueInstant(new DateTime());
    samlResponse.setInResponseTo(requestId);
    samlResponse.setVersion(SAMLVersion.VERSION_20);

    if (samlAssertion == null) {
        return samlResponse;
    }

    // NOTE(review): the assertion is attached exactly as received; any signature on it,
    // or on the response, has to be produced and checked by the caller.
    final SamlAssertionWrapper wrappedAssertion = new SamlAssertionWrapper(samlAssertion);
    samlResponse.getAssertions().add(wrappedAssertion.getSaml2());
    return samlResponse;
}
use of org.opensaml.saml.saml2.core.Status in project ddf by codice.
the class SamlProtocol method createStatus.
/**
 * Builds a {@code Status} whose single top-level {@code StatusCode} carries the given value.
 *
 * @param statusValue value stored on the status code without any validation; presumably
 *                    one of the SAML status URIs — confirm against callers
 * @return a new status wrapping the new status code
 */
public static Status createStatus(String statusValue) {
    final StatusCode code = statusCodeBuilder.buildObject();
    code.setValue(statusValue);

    final Status result = statusBuilder.buildObject();
    result.setStatusCode(code);
    return result;
}
use of org.opensaml.saml.saml2.core.Status in project ddf by codice.
the class SamlProtocol method createLogoutResponse.
/**
 * Builds a SAML 2.0 {@code LogoutResponse} with the caller-supplied ID, issuer and status.
 *
 * <p>{@code InResponseTo} is set only when {@code inResponseTo} is not blank, so a
 * response without a correlating request carries no such attribute. The issue instant
 * is the current time. This method performs no signing.
 *
 * @param issuer       issuer placed on the response
 * @param status       status placed on the response
 * @param inResponseTo ID of the logout request being answered; ignored when blank
 * @param id           ID for the response, used as given
 * @return the populated logout response
 */
public static LogoutResponse createLogoutResponse(Issuer issuer, Status status, String inResponseTo, String id) {
    final LogoutResponse reply = logoutResponseBuilder.buildObject();

    // NOTE(review): the ID comes from the caller. SAML message IDs must be unique, and
    // they should be hard to guess; confirm callers generate them that way.
    reply.setID(id);
    reply.setIssuer(issuer);
    reply.setStatus(status);

    final boolean answersARequest = StringUtils.isNotBlank(inResponseTo);
    if (answersARequest) {
        reply.setInResponseTo(inResponseTo);
    }

    reply.setIssueInstant(DateTime.now());
    reply.setVersion(SAMLVersion.VERSION_20);
    return reply;
}
use of org.opensaml.saml.saml2.core.Status in project verify-hub by alphagov.
the class ProtectiveMonitoringLogFormatter method formatAuthnResponse.
/**
 * Renders one monitoring log line for an authentication response using the
 * {@code AUTHN_RESPONSE} format.
 *
 * <p>The line contains, in order: response ID, {@code InResponseTo}, direction,
 * destination, issuer value (empty when the issuer is absent), the signature-validity
 * flag, the top-level status code value, the nested status code value (empty when
 * absent) and the status detail values.
 *
 * <p>A response without a {@code Status} or without a top-level {@code StatusCode}
 * makes this method throw a {@code NullPointerException}; neither is null-checked.
 *
 * @param samlResponse   response to describe
 * @param direction      direction of the message being logged
 * @param validSignature outcome of signature validation as determined by the caller
 * @return the formatted log line
 */
public String formatAuthnResponse(Response samlResponse, Direction direction, Boolean validSignature) {
    final Issuer responseIssuer = samlResponse.getIssuer();
    String issuerValue = "";
    if (responseIssuer != null) {
        issuerValue = responseIssuer.getValue();
    }

    final Status responseStatus = samlResponse.getStatus();
    final StatusCode topLevelCode = responseStatus.getStatusCode();
    final StatusCode nestedCode = topLevelCode.getStatusCode();
    String nestedValue = "";
    if (nestedCode != null) {
        nestedValue = nestedCode.getValue();
    }

    // NOTE(review): every field below is copied from the SAML message, so for received
    // messages the sender controls it. Confirm that the format or the log sink
    // neutralises CR/LF and delimiter characters, otherwise a crafted value could split
    // or forge monitoring records.
    return String.format(
            AUTHN_RESPONSE,
            samlResponse.getID(),
            samlResponse.getInResponseTo(),
            direction,
            samlResponse.getDestination(),
            issuerValue,
            validSignature,
            topLevelCode.getValue(),
            nestedValue,
            getStatusDetailValues(responseStatus));
}
use of org.opensaml.saml.saml2.core.Status in project pac4j by pac4j.
the class SAML2DefaultResponseValidator method validateSamlProtocolResponse.
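/**
 * Validates the protocol-level envelope of a SAML response. Checks run in this order:
 * <ol>
 *   <li>the top-level StatusCode must be Success;</li>
 *   <li>the Response signature, <em>if one is present</em>, is validated against the
 *       peer entity ID, and the peer is then marked as authenticated;</li>
 *   <li>IssueInstant must be accepted by {@code isIssueInstantValid};</li>
 *   <li>InResponseTo, when both a message storage and the attribute are available, must
 *       resolve to a stored {@code AuthnRequest};</li>
 *   <li>Destination is checked against the configured endpoint;</li>
 *   <li>the stored request, if one was found, is verified against the context;</li>
 *   <li>the Issuer, if present, is validated.</li>
 * </ol>
 *
 * <p>Steps 2, 4 and 7 are conditional: an unsigned response, a response without
 * InResponseTo (or a context without message storage) and a response without an Issuer
 * all pass those steps without any check. Callers therefore have to enforce assertion
 * signatures and replay protection elsewhere.
 *
 * @param response the response
 * @param context the context
 * @param engine the engine
 * @throws SAMLException if the status or status code is missing, or the status is not Success
 * @throws SAMLIssueInstantException if the issue instant is rejected
 * @throws SAMLInResponseToMismatchException if InResponseTo does not match a stored AuthnRequest
 */
protected final void validateSamlProtocolResponse(final Response response, final SAML2MessageContext context, final SignatureTrustEngine engine) {
    // A response parsed without schema validation can lack <Status> or <StatusCode>.
    // Reject it with the same exception type as any other bad status instead of letting
    // a NullPointerException escape from the validator.
    if (response.getStatus() == null || response.getStatus().getStatusCode() == null) {
        throw new SAMLException("Authentication response is missing its status or status code");
    }
    final StatusCode statusCode = response.getStatus().getStatusCode();
    if (!StatusCode.SUCCESS.equals(statusCode.getValue())) {
        String status = statusCode.getValue();
        if (response.getStatus().getStatusMessage() != null) {
            // The status message is read before any signature check, so it is
            // unauthenticated text from the sender. Treat the exception message as
            // untrusted when logging or displaying it.
            status += " / " + response.getStatus().getStatusMessage().getMessage();
        }
        throw new SAMLException("Authentication response is not success ; actual " + status);
    }

    // NOTE(review): only a present signature is verified. An unsigned Response passes
    // this step, so the assertion-level checks must insist on a signed assertion in that
    // case; confirm this in the caller.
    if (response.getSignature() != null) {
        final String entityId = context.getSAMLPeerEntityContext().getEntityId();
        validateSignature(response.getSignature(), entityId, engine);
        context.getSAMLPeerEntityContext().setAuthenticated(true);
    }

    if (!isIssueInstantValid(response.getIssueInstant())) {
        throw new SAMLIssueInstantException("Response issue instant is too old or in the future");
    }

    // NOTE(review): correlation is skipped when there is no message storage or no
    // InResponseTo, which means unsolicited responses are accepted here. Replay defence
    // for those has to come from another check (for example an assertion ID cache);
    // confirm one exists.
    AuthnRequest request = null;
    final SAMLMessageStorage messageStorage = context.getSAMLMessageStorage();
    if (messageStorage != null && response.getInResponseTo() != null) {
        final XMLObject xmlObject = messageStorage.retrieveMessage(response.getInResponseTo());
        if (xmlObject == null) {
            throw new SAMLInResponseToMismatchException("InResponseToField of the Response doesn't correspond to sent message " + response.getInResponseTo());
        } else if (xmlObject instanceof AuthnRequest) {
            request = (AuthnRequest) xmlObject;
        } else {
            throw new SAMLInResponseToMismatchException("Sent request was of different type than the expected AuthnRequest " + response.getInResponseTo());
        }
    }

    verifyEndpoint(context.getSAMLEndpointContext().getEndpoint(), response.getDestination());
    if (request != null) {
        verifyRequest(request, context);
    }

    // The Issuer element is optional on a Response, so it is validated only when present.
    if (response.getIssuer() != null) {
        validateIssuer(response.getIssuer(), context);
    }
}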
Aggregations