
Example 1 with StatusResponseType

use of org.opensaml.saml.saml2.core.StatusResponseType in project pac4j by pac4j.

the class Pac4jHTTPPostEncoder method populateVelocityContext.

/**
 * Fills the Velocity context from which the HTTP-POST form body is rendered.
 *
 * <p>Entries written to the context:
 * <ul>
 *   <li>{@code action} - the endpoint URL after {@code HTMLEncoder.encodeForHTMLAttribute}</li>
 *   <li>{@code binding} - the value of {@code getBindingURI()}</li>
 *   <li>{@code SAMLRequest} or {@code SAMLResponse} - the marshalled message, serialized to XML,
 *       converted to UTF-8 bytes and Base64 encoded without chunking</li>
 *   <li>{@code RelayState} - only when {@code SAMLBindingSupport.checkRelayState} accepts the value;
 *       stored after {@code HTMLEncoder.encodeForHTMLAttribute}</li>
 * </ul>
 *
 * <p>Security notes for reviewers: the endpoint URL and the relay state are the two free-form strings
 * placed in the context, and both are attribute-encoded here before the template sees them.
 * NOTE(review): the template itself is not visible from this method; confirm it emits these values
 * only inside quoted HTML attributes and does not re-emit the raw inputs. The raw endpoint URL and
 * relay state are written to the DEBUG log and the complete serialized message to the TRACE log;
 * SAML messages can carry subject identifiers and attributes, so those levels should stay off where
 * logs are widely readable.
 *
 * @param velocityContext the Velocity context instance to populate with data
 * @param messageContext the SAML message context source of data
 * @param endpointURL endpoint URL to which to encode message
 * @throws MessageEncodingException thrown if the message cannot be encoded, including when it is
 *         neither a {@code RequestAbstractType} nor a {@code StatusResponseType}
 */
protected void populateVelocityContext(VelocityContext velocityContext, MessageContext<SAMLObject> messageContext, String endpointURL) throws MessageEncodingException {
    // The endpoint URL is encoded for an HTML attribute before it is handed to the template.
    final String safeAction = HTMLEncoder.encodeForHTMLAttribute(endpointURL);
    log.debug("Encoding action url of '{}' with encoded value '{}'", endpointURL, safeAction);
    velocityContext.put("action", safeAction);
    velocityContext.put("binding", getBindingURI());

    final SAMLObject samlMessage = messageContext.getMessage();
    log.debug("Marshalling and Base64 encoding SAML message");
    final String serialized = SerializeSupport.nodeToString(marshallMessage(samlMessage));
    // At TRACE level the full XML of the outbound message ends up in the log.
    log.trace("Output XML message: {}", serialized);
    final String base64Message = Base64Support.encode(serialized.getBytes(StandardCharsets.UTF_8), Base64Support.UNCHUNKED);

    // The form field name depends on whether the message is a request or a response;
    // any other message type is rejected.
    final String formField;
    if (samlMessage instanceof RequestAbstractType) {
        formField = "SAMLRequest";
    } else if (samlMessage instanceof StatusResponseType) {
        formField = "SAMLResponse";
    } else {
        throw new MessageEncodingException("SAML message is neither a SAML RequestAbstractType or StatusResponseType");
    }
    velocityContext.put(formField, base64Message);

    // RelayState is optional: it is only added when the binding-level check accepts it.
    final String relayState = SAMLBindingSupport.getRelayState(messageContext);
    if (!SAMLBindingSupport.checkRelayState(relayState)) {
        return;
    }
    final String safeRelayState = HTMLEncoder.encodeForHTMLAttribute(relayState);
    log.debug("Setting RelayState parameter to: '{}', encoded as '{}'", relayState, safeRelayState);
    velocityContext.put("RelayState", safeRelayState);
}
Also used : SAMLObject(org.opensaml.saml.common.SAMLObject) Element(org.w3c.dom.Element) RequestAbstractType(org.opensaml.saml.saml2.core.RequestAbstractType) MessageEncodingException(org.opensaml.messaging.encoder.MessageEncodingException) StatusResponseType(org.opensaml.saml.saml2.core.StatusResponseType)

Example 2 with StatusResponseType

use of org.opensaml.saml.saml2.core.StatusResponseType in project pac4j by pac4j.

the class Pac4jHTTPRedirectDeflateEncoder method buildRedirectURL.

/**
 * Builds the URL to redirect the client to.
 *
 * <p>The query string is rebuilt from scratch: the parameter list obtained from the
 * {@code URLBuilder} is cleared, then {@code SAMLRequest} or {@code SAMLResponse}, an optional
 * {@code RelayState}, and - when a signing credential is present - {@code SigAlg} and
 * {@code Signature} are added in that order. The signature input is the query string as built
 * after {@code SigAlg} was added and before {@code Signature} is added, so the statement order
 * below must not be changed.
 *
 * <p>Security notes for reviewers: when the context carries no signing parameters or no signing
 * credential, the URL is returned unsigned and only a DEBUG line records it; a deployment that
 * requires signed redirect messages has to enforce that elsewhere. NOTE(review): clearing the
 * parameter list appears to drop any query parameters already present on {@code endpoint};
 * confirm that is acceptable for the configured endpoints.
 *
 * @param messageContext current message context
 * @param endpoint endpoint URL to send encoded message to
 * @param message Deflated and Base64 encoded message
 *
 * @return URL to redirect client to
 *
 * @throws MessageEncodingException thrown if {@code endpoint} is not a valid URL or the SAML message
 *         is neither a {@code RequestAbstractType} nor a {@code StatusResponseType}
 */
protected String buildRedirectURL(MessageContext<SAMLObject> messageContext, String endpoint, String message) throws MessageEncodingException {
    log.debug("Building URL to redirect client to");
    final URLBuilder redirect;
    try {
        redirect = new URLBuilder(endpoint);
    } catch (MalformedURLException e) {
        throw new MessageEncodingException("Endpoint URL " + endpoint + " is not a valid URL", e);
    }

    // Start from an empty parameter list so that only the parameters added below are present.
    final List<Pair<String, String>> params = redirect.getQueryParams();
    params.clear();

    // Requests and responses travel under different parameter names; anything else is rejected.
    final SAMLObject samlMessage = messageContext.getMessage();
    final String messageParam;
    if (samlMessage instanceof RequestAbstractType) {
        messageParam = "SAMLRequest";
    } else if (samlMessage instanceof StatusResponseType) {
        messageParam = "SAMLResponse";
    } else {
        throw new MessageEncodingException("SAML message is neither a SAML RequestAbstractType or StatusResponseType");
    }
    params.add(new Pair<>(messageParam, message));

    final String relayState = SAMLBindingSupport.getRelayState(messageContext);
    if (SAMLBindingSupport.checkRelayState(relayState)) {
        params.add(new Pair<>("RelayState", relayState));
    }

    final SignatureSigningParameters signing = SAMLMessageSecuritySupport.getContextSigningParameters(messageContext);
    if (signing == null || signing.getSigningCredential() == null) {
        // No credential: the redirect URL goes out without SigAlg/Signature parameters.
        log.debug("No signing credential was supplied, skipping HTTP-Redirect DEFLATE signing");
        return redirect.buildURL();
    }

    final String sigAlgURI = getSignatureAlgorithmURI(signing);
    params.add(new Pair<>("SigAlg", sigAlgURI));
    // Capture the signature input now: it must include SigAlg but not the Signature parameter.
    final String signedQuery = redirect.buildQueryString();
    params.add(new Pair<>("Signature", generateSignature(signing.getSigningCredential(), sigAlgURI, signedQuery)));
    return redirect.buildURL();
}
Also used : MalformedURLException(java.net.MalformedURLException) SignableSAMLObject(org.opensaml.saml.common.SignableSAMLObject) SAMLObject(org.opensaml.saml.common.SAMLObject) SignatureSigningParameters(org.opensaml.xmlsec.SignatureSigningParameters) RequestAbstractType(org.opensaml.saml.saml2.core.RequestAbstractType) MessageEncodingException(org.opensaml.messaging.encoder.MessageEncodingException) StatusResponseType(org.opensaml.saml.saml2.core.StatusResponseType) URLBuilder(net.shibboleth.utilities.java.support.net.URLBuilder) Pair(net.shibboleth.utilities.java.support.collection.Pair)
