Examples with org.opensaml.saml.saml2.metadata org.opensaml.saml.saml2.metadata used on opensource projects

Search in sources :

Example 21 with org.opensaml.saml.saml2.metadata

use of org.opensaml.saml.saml2.metadata in project cxf by apache.

the class IssueUnitTest method testRetrieveWSMEX.

@org.junit.Test
public void testRetrieveWSMEX() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = IssueUnitTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    // Get Metadata
    JaxWsProxyFactoryBean proxyFac = new JaxWsProxyFactoryBean();
    proxyFac.setBindingId(SoapBindingConstants.SOAP11_BINDING_ID);
    proxyFac.setAddress("https://localhost:" + STSPORT + "/SecurityTokenService/Transport/mex");
    MetadataExchange exc = proxyFac.create(MetadataExchange.class);
    Metadata metadata = exc.get2004();
    // Parse response (as per the STSClient)
    Definition definition = null;
    // Parse the MetadataSections into WSDL definition + associated schemas
    for (MetadataSection s : metadata.getMetadataSection()) {
        if ("http://schemas.xmlsoap.org/wsdl/".equals(s.getDialect())) {
            definition = bus.getExtension(WSDLManager.class).getDefinition((Element) s.getAny());
        }
    }
    assertNotNull(definition);
}
Also used : Bus(org.apache.cxf.Bus) MetadataSection(org.apache.cxf.ws.mex.model._2004_09.MetadataSection) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) Element(org.w3c.dom.Element) JaxWsProxyFactoryBean(org.apache.cxf.jaxws.JaxWsProxyFactoryBean) Metadata(org.apache.cxf.ws.mex.model._2004_09.Metadata) Definition(javax.wsdl.Definition) MetadataExchange(org.apache.cxf.ws.mex.MetadataExchange) URL(java.net.URL)

Example 22 with org.opensaml.saml.saml2.metadata

use of org.opensaml.saml.saml2.metadata in project cxf by apache.

the class MEXTest method testGet.

@Test
public void testGet() {
    // Create the client
    JaxWsProxyFactoryBean proxyFac = new JaxWsProxyFactoryBean();
    proxyFac.setAddress("local://Echo-mex");
    proxyFac.getClientFactoryBean().setTransportId(LocalTransportFactory.TRANSPORT_ID);
    MetadataExchange exc = proxyFac.create(MetadataExchange.class);
    Metadata metadata = exc.get2004();
    assertNotNull(metadata);
    proxyFac = new JaxWsProxyFactoryBean();
    proxyFac.setAddress("local://Echo");
    proxyFac.getClientFactoryBean().setTransportId(LocalTransportFactory.TRANSPORT_ID);
    exc = proxyFac.create(MetadataExchange.class);
    metadata = exc.get2004();
    assertNotNull(metadata);
}
Also used : JaxWsProxyFactoryBean(org.apache.cxf.jaxws.JaxWsProxyFactoryBean) Metadata(org.apache.cxf.ws.mex.model._2004_09.Metadata) Test(org.junit.Test)

Example 23 with org.opensaml.saml.saml2.metadata

use of org.opensaml.saml.saml2.metadata in project syncope by apache.

the class SAML2ITCase method createResponse.

private org.opensaml.saml.saml2.core.Response createResponse(final String inResponseTo, final boolean signAssertion, final String subjectConfMethod, final String issuer) throws Exception {
    Status status = SAML2PResponseComponentBuilder.createStatus(SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null);
    org.opensaml.saml.saml2.core.Response response = SAML2PResponseComponentBuilder.createSAMLResponse(inResponseTo, issuer, status);
    response.setDestination("http://recipient.apache.org");
    // Create an AuthenticationAssertion
    SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
    callbackHandler.setIssuer(issuer);
    callbackHandler.setSubjectName("puccini");
    callbackHandler.setSubjectConfirmationMethod(subjectConfMethod);
    SubjectConfirmationDataBean subjectConfirmationData = new SubjectConfirmationDataBean();
    subjectConfirmationData.setAddress("http://apache.org");
    subjectConfirmationData.setInResponseTo(inResponseTo);
    subjectConfirmationData.setNotAfter(new DateTime().plusMinutes(5));
    subjectConfirmationData.setRecipient("http://recipient.apache.org/saml2sp/assertion-consumer");
    callbackHandler.setSubjectConfirmationData(subjectConfirmationData);
    ConditionsBean conditions = new ConditionsBean();
    conditions.setNotBefore(new DateTime());
    conditions.setNotAfter(new DateTime().plusMinutes(5));
    AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
    audienceRestriction.setAudienceURIs(Collections.singletonList("http://recipient.apache.org/"));
    conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
    callbackHandler.setConditions(conditions);
    SAMLCallback samlCallback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
    SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
    if (signAssertion) {
        Crypto issuerCrypto = new Merlin();
        KeyStore keyStore = KeyStore.getInstance("JKS");
        InputStream input = Files.newInputStream(keystorePath);
        keyStore.load(input, "security".toCharArray());
        ((Merlin) issuerCrypto).setKeyStore(keyStore);
        assertion.signAssertion("subject", "security", issuerCrypto, false);
    }
    response.getAssertions().add(assertion.getSaml2());
    return response;
}
Also used : Status(org.opensaml.saml.saml2.core.Status) AudienceRestrictionBean(org.apache.wss4j.common.saml.bean.AudienceRestrictionBean) InputStream(java.io.InputStream) ConditionsBean(org.apache.wss4j.common.saml.bean.ConditionsBean) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) KeyStore(java.security.KeyStore) DateTime(org.joda.time.DateTime) Crypto(org.apache.wss4j.common.crypto.Crypto) SubjectConfirmationDataBean(org.apache.wss4j.common.saml.bean.SubjectConfirmationDataBean) SAMLCallback(org.apache.wss4j.common.saml.SAMLCallback) Merlin(org.apache.wss4j.common.crypto.Merlin)

Example 24 with org.opensaml.saml.saml2.metadata

use of org.opensaml.saml.saml2.metadata in project syncope by apache.

the class SAML2SPLogic method getMetadata.

@PreAuthorize("isAuthenticated()")
public void getMetadata(final String spEntityID, final String urlContext, final OutputStream os) {
    check();
    try {
        EntityDescriptor spEntityDescriptor = new EntityDescriptorBuilder().buildObject();
        spEntityDescriptor.setEntityID(spEntityID);
        SPSSODescriptor spSSODescriptor = new SPSSODescriptorBuilder().buildObject();
        spSSODescriptor.setWantAssertionsSigned(true);
        spSSODescriptor.setAuthnRequestsSigned(true);
        spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
        X509KeyInfoGeneratorFactory keyInfoGeneratorFactory = new X509KeyInfoGeneratorFactory();
        keyInfoGeneratorFactory.setEmitEntityCertificate(true);
        KeyInfoGenerator keyInfoGenerator = keyInfoGeneratorFactory.newInstance();
        keyInfoGenerator.generate(loader.getCredential());
        KeyDescriptor keyDescriptor = new KeyDescriptorBuilder().buildObject();
        keyDescriptor.setKeyInfo(keyInfoGenerator.generate(loader.getCredential()));
        spSSODescriptor.getKeyDescriptors().add(keyDescriptor);
        NameIDFormat nameIDFormat = new NameIDFormatBuilder().buildObject();
        nameIDFormat.setFormat(NameIDType.PERSISTENT);
        spSSODescriptor.getNameIDFormats().add(nameIDFormat);
        nameIDFormat = new NameIDFormatBuilder().buildObject();
        nameIDFormat.setFormat(NameIDType.TRANSIENT);
        spSSODescriptor.getNameIDFormats().add(nameIDFormat);
        for (SAML2BindingType bindingType : SAML2BindingType.values()) {
            AssertionConsumerService assertionConsumerService = new AssertionConsumerServiceBuilder().buildObject();
            assertionConsumerService.setIndex(bindingType.ordinal());
            assertionConsumerService.setBinding(bindingType.getUri());
            assertionConsumerService.setLocation(getAssertionConsumerURL(spEntityID, urlContext));
            spSSODescriptor.getAssertionConsumerServices().add(assertionConsumerService);
            spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
            String sloUrl = spEntityID + urlContext + "/logout";
            validateUrl(sloUrl);
            SingleLogoutService singleLogoutService = new SingleLogoutServiceBuilder().buildObject();
            singleLogoutService.setBinding(bindingType.getUri());
            singleLogoutService.setLocation(sloUrl);
            singleLogoutService.setResponseLocation(sloUrl);
            spSSODescriptor.getSingleLogoutServices().add(singleLogoutService);
        }
        spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
        saml2rw.sign(spEntityDescriptor);
        saml2rw.write(new OutputStreamWriter(os), spEntityDescriptor, true);
    } catch (Exception e) {
        LOG.error("While getting SP metadata", e);
        SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.Unknown);
        sce.getElements().add(e.getMessage());
        throw sce;
    }
}
Also used : SAML2BindingType(org.apache.syncope.common.lib.types.SAML2BindingType) SPSSODescriptorBuilder(org.opensaml.saml.saml2.metadata.impl.SPSSODescriptorBuilder) SingleLogoutService(org.opensaml.saml.saml2.metadata.SingleLogoutService) KeyDescriptor(org.opensaml.saml.saml2.metadata.KeyDescriptor) AssertionConsumerServiceBuilder(org.opensaml.saml.saml2.metadata.impl.AssertionConsumerServiceBuilder) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) NameIDFormatBuilder(org.opensaml.saml.saml2.metadata.impl.NameIDFormatBuilder) XSString(org.opensaml.core.xml.schema.XSString) EntityDescriptorBuilder(org.opensaml.saml.saml2.metadata.impl.EntityDescriptorBuilder) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) NotFoundException(org.apache.syncope.core.persistence.api.dao.NotFoundException) EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor) SPSSODescriptor(org.opensaml.saml.saml2.metadata.SPSSODescriptor) KeyInfoGenerator(org.opensaml.xmlsec.keyinfo.KeyInfoGenerator) NameIDFormat(org.opensaml.saml.saml2.metadata.NameIDFormat) SingleLogoutServiceBuilder(org.opensaml.saml.saml2.metadata.impl.SingleLogoutServiceBuilder) AssertionConsumerService(org.opensaml.saml.saml2.metadata.AssertionConsumerService) OutputStreamWriter(java.io.OutputStreamWriter) KeyDescriptorBuilder(org.opensaml.saml.saml2.metadata.impl.KeyDescriptorBuilder) X509KeyInfoGeneratorFactory(org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)

Example 25 with org.opensaml.saml.saml2.metadata

use of org.opensaml.saml.saml2.metadata in project pac4j by pac4j.

the class SAML2ContextProvider method addContext.

protected final void addContext(final SAML2MetadataResolver entityId, final BaseContext parentContext, final QName elementName) {
    final EntityDescriptor entityDescriptor;
    final RoleDescriptor roleDescriptor;
    try {
        final CriteriaSet set = new CriteriaSet();
        set.add(new EntityIdCriterion(entityId.getEntityId()));
        entityDescriptor = this.metadata.resolveSingle(set);
        if (entityDescriptor == null) {
            throw new SAMLException("Cannot find entity " + entityId + " in metadata provider");
        }
        final List<RoleDescriptor> list = entityDescriptor.getRoleDescriptors(elementName, SAMLConstants.SAML20P_NS);
        roleDescriptor = CommonHelper.isNotEmpty(list) ? list.get(0) : null;
        if (roleDescriptor == null) {
            throw new SAMLException("Cannot find entity " + entityId + " or role " + elementName + " in metadata provider");
        }
    } catch (final ResolverException e) {
        throw new SAMLException("An error occured while getting IDP descriptors", e);
    }
    final SAMLMetadataContext mdCtx = parentContext.getSubcontext(SAMLMetadataContext.class, true);
    mdCtx.setEntityDescriptor(entityDescriptor);
    mdCtx.setRoleDescriptor(roleDescriptor);
}
Also used : EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor) ResolverException(net.shibboleth.utilities.java.support.resolver.ResolverException) RoleDescriptor(org.opensaml.saml.saml2.metadata.RoleDescriptor) CriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet) EntityIdCriterion(org.opensaml.core.criterion.EntityIdCriterion) SAMLMetadataContext(org.opensaml.saml.common.messaging.context.SAMLMetadataContext) SAMLException(org.pac4j.saml.exceptions.SAMLException)

Aggregations

EntityDescriptor (org.opensaml.saml.saml2.metadata.EntityDescriptor)22 IOException (java.io.IOException)11 InputStream (java.io.InputStream)9 SamlRegisteredServiceServiceProviderMetadataFacade (org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade)9 AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)9 Document (org.w3c.dom.Document)9 AssertionConsumerService (org.opensaml.saml.saml2.metadata.AssertionConsumerService)8 Element (org.w3c.dom.Element)8 CriteriaSet (net.shibboleth.utilities.java.support.resolver.CriteriaSet)7 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)7 EntityIdCriterion (org.opensaml.core.criterion.EntityIdCriterion)7 XMLObject (org.opensaml.core.xml.XMLObject)7 SPSSODescriptor (org.opensaml.saml.saml2.metadata.SPSSODescriptor)7 X509Certificate (java.security.cert.X509Certificate)6 UnauthorizedServiceException (org.apereo.cas.services.UnauthorizedServiceException)6 SamlRegisteredService (org.apereo.cas.support.saml.services.SamlRegisteredService)6 SamlRegisteredServiceCachingMetadataResolver (org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver)6 Test (org.junit.Test)6 IDPSSODescriptor (org.opensaml.saml.saml2.metadata.IDPSSODescriptor)6 SimpleSign (ddf.security.samlp.SimpleSign)5
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial