use of org.opensaml.saml.saml2.ecp.Response in project ddf by codice.
the class LogoutRequestServiceTest method testGetLogoutRequestResponse.
/**
 * Checks that a deflated, Base64-encoded SAML LogoutResponse handed to
 * {@code getLogoutRequest} produces a SEE_OTHER response whose location carries the
 * "logged out successfully" message.
 */
@Test
public void testGetLogoutRequestResponse() throws Exception {
    // Stub only the LogoutResponse getters that this test configures.
    LogoutResponse mockedLogoutResponse = mock(LogoutResponse.class);
    when(mockedLogoutResponse.getID()).thenReturn("id");
    when(mockedLogoutResponse.getVersion()).thenReturn(SAMLVersion.VERSION_20);
    when(mockedLogoutResponse.getIssueInstant()).thenReturn(new DateTime());
    // The service is expected to inflate the parameter back to this literal before parsing it.
    when(logoutMessage.extractSamlLogoutResponse(eq("deflatedSamlResponse")))
        .thenReturn(mockedLogoutResponse);

    String encodedResponse = RestSecurity.deflateAndBase64Encode("deflatedSamlResponse");
    String state = UUID.randomUUID().toString();
    // NOTE(review): "sha1" / "signature" are placeholders, not a verifiable signature. The test
    // can only pass if signature validation is stubbed in the fixture set-up (not visible here)
    // - confirm, and keep a separate test asserting that a bad signature is rejected.
    String sigAlg = "sha1";
    String sig = "signature";

    Response result =
        logoutRequestService.getLogoutRequest(null, encodedResponse, state, sigAlg, sig);

    assertEquals(Response.Status.SEE_OTHER.getStatusCode(), result.getStatus());
    String target = result.getLocation().toString();
    assertTrue("Expected a successful logout message", target.contains("logged+out+successfully."));
}
use of org.opensaml.saml.saml2.ecp.Response in project ddf by codice.
the class LogoutRequestService method sendLogoutRequest.
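/**
 * Starts a SAML logout from an encrypted query parameter.
 *
 * <p>The decrypted value must consist of exactly two newline-separated fields: the name
 * identifier and the time (epoch milliseconds) at which the value was issued. Values older
 * than {@code logOutPageTimeOut} milliseconds are rejected. On success the local logout is
 * performed and a LogoutRequest is built and handed to {@code getLogoutRequest}.
 *
 * @param encryptedNameIdTime encrypted "name\ntime" pair taken from the query string
 * @return the response from {@code getLogoutRequest}, or a logout response carrying an
 *     error message when the parameter is malformed, expired, or processing fails
 */
@GET
@Path("/request")
public Response sendLogoutRequest(@QueryParam("EncryptedNameIdTime") String encryptedNameIdTime) {
    // NOTE(review): the parameter is caller-supplied; decrypt() runs outside the try block, so
    // anything it throws on malformed input propagates to the framework - confirm its contract.
    String nameIdTime = encryptionService.decrypt(encryptedNameIdTime);
    String[] nameIdTimeArray = StringUtils.split(nameIdTime, "\n");

    // Some StringUtils.split implementations (e.g. Apache Commons Lang) return null for a null
    // input; treat that like any other malformed parameter instead of failing on .length.
    if (nameIdTimeArray == null || nameIdTimeArray.length != 2) {
        String msg = "Failed to decrypt logout request params. Invalid number of params.";
        LOGGER.info(msg);
        return buildLogoutResponse(msg);
    }

    try {
        String name = nameIdTimeArray[0];
        long time = Long.parseLong(nameIdTimeArray[1]);

        // NOTE(review): a timestamp ahead of the local clock gives a negative age and passes this
        // check. That is only safe if the encrypted value is integrity-protected - confirm that
        // encryptionService authenticates its payload.
        if (System.currentTimeMillis() - time > logOutPageTimeOut) {
            String msg = String.format("Logout request was older than %sms old so it was rejected. Please refresh page and request again.", logOutPageTimeOut);
            LOGGER.info(msg);
            return buildLogoutResponse(msg);
        }

        // End the local session first, then build the LogoutRequest for the identity provider.
        logout();
        LogoutRequest logoutRequest = logoutMessage.buildLogoutRequest(name, getEntityId());
        String relayState = relayStates.encode(name);
        return getLogoutRequest(relayState, logoutRequest);
    } catch (Exception e) {
        // Deliberately broad: any failure (including a non-numeric time field) is logged with its
        // cause and reported to the user as a generic message without internal detail.
        String msg = "Failed to create logout request.";
        LOGGER.info(msg, e);
        return buildLogoutResponse(msg);
    }
}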
use of org.opensaml.saml.saml2.ecp.Response in project ddf by codice.
the class LogoutRequestService method getSamlpPostLogoutRequest.
/**
 * Builds the response for sending a LogoutRequest over a POST: the request is signed,
 * serialised to XML, Base64-encoded and substituted into the {@code submitForm} template
 * together with the IdP single-logout location and the relay state.
 *
 * @param relayState relay state value placed into the form
 * @param logoutRequest the SAML logout request to sign and send
 * @return an OK response whose entity is the populated form
 * @throws SimpleSign.SignatureException declared by the signing step
 * @throws WSSecurityException declared by the DOM conversion step
 */
private Response getSamlpPostLogoutRequest(String relayState, LogoutRequest logoutRequest) throws SimpleSign.SignatureException, WSSecurityException {
    LOGGER.debug("Configuring SAML LogoutRequest for POST.");
    // Holder document passed to OpenSAMLUtil.toDom below.
    Document holder = DOMUtils.createDocument();
    holder.appendChild(holder.createElement("root"));

    // Sign before serialising so the serialised XML includes the signature.
    LOGGER.debug("Signing SAML POST LogoutRequest.");
    simpleSign.signSamlObject(logoutRequest);

    LOGGER.debug("Converting SAML Request to DOM");
    String requestXml = DOM2Writer.nodeToString(OpenSAMLUtil.toDom(logoutRequest, holder));
    byte[] requestBytes = requestXml.getBytes(StandardCharsets.UTF_8);
    String encodedRequest = Base64.getEncoder().encodeToString(requestBytes);

    // NOTE(review): relayState and the IdP logout location are substituted into the template
    // without escaping here. Presumably submitForm is HTML - confirm both values are constrained
    // upstream, or encode them for the attribute context before formatting.
    String page =
        String.format(
            submitForm,
            idpMetadata.getSingleLogoutLocation(),
            SAML_REQUEST,
            encodedRequest,
            relayState);
    return Response.ok(page).build();
}
use of org.opensaml.saml.saml2.ecp.Response in project ddf by codice.
the class LogoutRequestService method getSamlpRedirectLogoutRequest.
/**
 * Builds the response for sending a LogoutRequest via redirect: the request is signed into a
 * URI based on the IdP single-logout location and that URI is substituted into the
 * {@code redirectPage} template.
 *
 * @param relayState relay state value included when the redirect URI is signed
 * @param logoutRequest the SAML logout request to send
 * @return an OK response whose entity is the populated redirect page
 * @throws URISyntaxException if the IdP single-logout location is not a valid URI
 */
private Response getSamlpRedirectLogoutRequest(String relayState, LogoutRequest logoutRequest) throws IOException, SimpleSign.SignatureException, WSSecurityException, URISyntaxException {
    LOGGER.debug("Configuring SAML Response for Redirect.");
    // NOTE(review): this document is created and given a root element but is not read again
    // in this method - looks like a leftover from the POST variant; confirm before removing.
    Document holder = DOMUtils.createDocument();
    holder.appendChild(holder.createElement("root"));

    URI idpLogoutEndpoint = new URI(idpMetadata.getSingleLogoutLocation());
    URI signedTarget = logoutMessage.signSamlGetRequest(logoutRequest, idpLogoutEndpoint, relayState);

    // NOTE(review): the signed URI is substituted into redirectPage as-is. Presumably the
    // template is HTML/script - confirm the URI is encoded for the context it lands in.
    String page = String.format(redirectPage, signedTarget.toString());
    return Response.ok(page).build();
}
use of org.opensaml.saml.saml2.ecp.Response in project ddf by codice.
the class LoginFilter method createSamlResponse.
/**
 * Creates the SAML response that is used for validation against the CXF code.
 *
 * <p>The response gets a freshly generated random UUID as its ID, the current time as its
 * issue instant, and SAML version 2.0.
 *
 * @param inResponseTo value stored as the response's InResponseTo
 * @param issuer issuer value, converted through {@code createIssuer}
 * @param status status object attached to the response
 * @return the populated Response
 */
private static Response createSamlResponse(String inResponseTo, String issuer, Status status) {
    // NOTE(review): the shared static builder is assigned lazily with no synchronisation, so
    // concurrent first calls may each look it up; confirm that this is acceptable here.
    if (responseBuilder == null) {
        responseBuilder = (SAMLObjectBuilder<Response>) builderFactory.getBuilder(Response.DEFAULT_ELEMENT_NAME);
    }

    Response samlResponse = responseBuilder.buildObject();
    samlResponse.setVersion(SAMLVersion.VERSION_20);
    // NOTE(review): SAML IDs are typed xs:ID, which may not begin with a digit, and a bare UUID
    // string often does. If this object is ever schema-validated or sent to a peer, consider a
    // non-digit prefix - confirm against how callers use it.
    samlResponse.setID(UUID.randomUUID().toString());
    samlResponse.setIssueInstant(new DateTime());
    samlResponse.setInResponseTo(inResponseTo);
    samlResponse.setIssuer(createIssuer(issuer));
    samlResponse.setStatus(status);
    return samlResponse;
}