Example 31 with Request
use of org.opensaml.saml.saml2.ecp.Request in project cas by apereo.
the class SSOSamlProfileCallbackHandlerController method validateRequestAndBuildCasAssertion.
private Assertion validateRequestAndBuildCasAssertion(final HttpServletResponse response, final HttpServletRequest request, final Pair<AuthnRequest, MessageContext> pair) throws Exception {
final AuthnRequest authnRequest = pair.getKey();
final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
this.ticketValidator.setRenew(authnRequest.isForceAuthn());
final String serviceUrl = constructServiceUrl(request, response, pair);
LOGGER.trace("Created service url for validation: [{}]", serviceUrl);
final Assertion assertion = this.ticketValidator.validate(ticket, serviceUrl);
logCasValidationAssertion(assertion);
return assertion;
}
Also used :
AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest)
Assertion(org.jasig.cas.client.validation.Assertion)
Example 32 with Request
use of org.opensaml.saml.saml2.ecp.Request in project cas by apereo.
the class SamlRequestAuditResourceResolver method getAuditResourceFromSamlAuthnRequest.
private String[] getAuditResourceFromSamlAuthnRequest(final AuthnRequest returnValue) {
final AuthnRequest request = returnValue;
final String result = new ToStringBuilder(this, ToStringStyle.NO_CLASS_NAME_STYLE).append("issuer", request.getIssuer().getValue()).append("binding", request.getProtocolBinding()).toString();
return new String[] { result };
}
Also used :
AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest)
ToStringBuilder(org.apache.commons.lang3.builder.ToStringBuilder)
Example 33 with Request
use of org.opensaml.saml.saml2.ecp.Request in project cas by apereo.
the class SamlRequestAuditResourceResolver method getAuditResourceFromSamlLogoutRequest.
private String[] getAuditResourceFromSamlLogoutRequest(final LogoutRequest returnValue) {
final LogoutRequest request = returnValue;
final String result = new ToStringBuilder(this, ToStringStyle.NO_CLASS_NAME_STYLE).append("issuer", request.getIssuer().getValue()).toString();
return new String[] { result };
}
Also used :
ToStringBuilder(org.apache.commons.lang3.builder.ToStringBuilder)
LogoutRequest(org.opensaml.saml.saml2.core.LogoutRequest)
Example 34 with Request
use of org.opensaml.saml.saml2.ecp.Request in project cas by apereo.
the class AbstractSamlProfileHandlerController method constructServiceUrl.
/**
* Construct service url string.
*
* @param request the request
* @param response the response
* @param pair the pair
* @return the string
* @throws SamlException the saml exception
*/
@SneakyThrows
protected String constructServiceUrl(final HttpServletRequest request, final HttpServletResponse response, final Pair<? extends SignableSAMLObject, MessageContext> pair) throws SamlException {
final AuthnRequest authnRequest = AuthnRequest.class.cast(pair.getLeft());
final MessageContext messageContext = pair.getRight();
try (StringWriter writer = SamlUtils.transformSamlObject(this.configBean, authnRequest)) {
final URLBuilder builder = new URLBuilder(this.callbackService.getId());
builder.getQueryParams().add(new net.shibboleth.utilities.java.support.collection.Pair<>(SamlProtocolConstants.PARAMETER_ENTITY_ID, SamlIdPUtils.getIssuerFromSamlRequest(authnRequest)));
final String samlRequest = EncodingUtils.encodeBase64(writer.toString().getBytes(StandardCharsets.UTF_8));
builder.getQueryParams().add(new net.shibboleth.utilities.java.support.collection.Pair<>(SamlProtocolConstants.PARAMETER_SAML_REQUEST, samlRequest));
builder.getQueryParams().add(new net.shibboleth.utilities.java.support.collection.Pair<>(SamlProtocolConstants.PARAMETER_SAML_RELAY_STATE, SAMLBindingSupport.getRelayState(messageContext)));
final String url = builder.buildURL();
LOGGER.trace("Built service callback url [{}]", url);
return CommonUtils.constructServiceUrl(request, response, url, casProperties.getServer().getName(), CasProtocolConstants.PARAMETER_SERVICE, CasProtocolConstants.PARAMETER_TICKET, false);
}
}
Also used :
AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest)
StringWriter(java.io.StringWriter)
MessageContext(org.opensaml.messaging.context.MessageContext)
URLBuilder(net.shibboleth.utilities.java.support.net.URLBuilder)
SneakyThrows(lombok.SneakyThrows)
Example 35 with Request
use of org.opensaml.saml.saml2.ecp.Request in project cas by apereo.
the class AbstractSamlProfileHandlerController method issueAuthenticationRequestRedirect.
/**
* Redirect request for authentication.
*
* @param pair the pair
* @param request the request
* @param response the response
* @throws Exception the exception
*/
protected void issueAuthenticationRequestRedirect(final Pair<? extends SignableSAMLObject, MessageContext> pair, final HttpServletRequest request, final HttpServletResponse response) throws Exception {
final AuthnRequest authnRequest = AuthnRequest.class.cast(pair.getLeft());
final String serviceUrl = constructServiceUrl(request, response, pair);
LOGGER.debug("Created service url [{}]", serviceUrl);
final String initialUrl = CommonUtils.constructRedirectUrl(casProperties.getServer().getLoginUrl(), CasProtocolConstants.PARAMETER_SERVICE, serviceUrl, authnRequest.isForceAuthn(), authnRequest.isPassive());
final String urlToRedirectTo = buildRedirectUrlByRequestedAuthnContext(initialUrl, authnRequest, request);
LOGGER.debug("Redirecting SAML authN request to [{}]", urlToRedirectTo);
final AuthenticationRedirectStrategy authenticationRedirectStrategy = new DefaultAuthenticationRedirectStrategy();
authenticationRedirectStrategy.redirect(request, response, urlToRedirectTo);
}
Also used :
DefaultAuthenticationRedirectStrategy(org.jasig.cas.client.authentication.DefaultAuthenticationRedirectStrategy)
AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest)
DefaultAuthenticationRedirectStrategy(org.jasig.cas.client.authentication.DefaultAuthenticationRedirectStrategy)
AuthenticationRedirectStrategy(org.jasig.cas.client.authentication.AuthenticationRedirectStrategy)
Aggregations
AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)24
IOException (java.io.IOException)13
LogoutResponse (org.opensaml.saml.saml2.core.LogoutResponse)13
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)12
SamlRegisteredServiceServiceProviderMetadataFacade (org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade)11
Test (org.junit.Test)10
ValidationException (ddf.security.samlp.ValidationException)9
Response (javax.ws.rs.core.Response)9
SamlRegisteredService (org.apereo.cas.support.saml.services.SamlRegisteredService)9
Assertion (org.jasig.cas.client.validation.Assertion)9
MessageContext (org.opensaml.messaging.context.MessageContext)9
Assertion (org.opensaml.saml.saml2.core.Assertion)9
Document (org.w3c.dom.Document)9
XMLStreamException (javax.xml.stream.XMLStreamException)8
LogoutRequest (org.opensaml.saml.saml2.core.LogoutRequest)8
NameID (org.opensaml.saml.saml2.core.NameID)7
ByteArrayInputStream (java.io.ByteArrayInputStream)6
SimpleSign (ddf.security.samlp.SimpleSign)5
ZonedDateTime (java.time.ZonedDateTime)5
Path (javax.ws.rs.Path)5
