
Example 81 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project cxf by apache.

the class AbstractServiceProviderFilter method createSamlRequestInfo.

/**
 * Builds the data needed to send a SAML AuthnRequest for the given message.
 *
 * <p>The request is created by the configured builder, signed only when
 * {@code isSignRequest()} is true, converted to DOM and encoded. A fresh random
 * RelayState is generated and the request state (original request URI, IdP
 * address, AuthnRequest ID, issuer, web app context and domain, creation time
 * and time-to-live) is stored under it via the state provider.
 *
 * @param m the current message
 * @return the encoded request, its RelayState, and the web app context and domain
 * @throws Exception if building, signing, encoding or state storage fails
 */
protected SamlRequestInfo createSamlRequestInfo(Message m) throws Exception {
    // Owner document for the DOM form of the request; it only holds a placeholder root.
    final Document ownerDoc = DOMUtils.createDocument();
    ownerDoc.appendChild(ownerDoc.createElement("root"));

    final AuthnRequest request =
        authnRequestBuilder.createAuthnRequest(m, getIssuerId(m), getAbsoluteAssertionServiceAddress(m));

    // Destination is set, and the request signed, only when signing is enabled.
    // An unsigned request therefore leaves here without a Destination attribute.
    if (isSignRequest()) {
        request.setDestination(getIdpServiceAddress());
        signAuthnRequest(request);
    }

    final Element requestElement = OpenSAMLUtil.toDom(request, ownerDoc);
    final String encodedRequest = encodeAuthnRequest(requestElement);

    final String webAppContext = getWebAppContext(m);
    final String originalRequestURI = new UriInfoImpl(m).getRequestUri().toString();

    // The stored state carries the AuthnRequest ID, creation time and TTL.
    // NOTE(review): presumably the response side looks this up by RelayState to match
    // InResponseTo and enforce expiry - confirm in the consumer of the state provider.
    final RequestState requestState = new RequestState(
        originalRequestURI,
        getIdpServiceAddress(),
        request.getID(),
        getIssuerId(m),
        webAppContext,
        getWebAppDomain(),
        System.currentTimeMillis(),
        getStateTimeToLive());

    // RelayState is a random UUID, so it reveals nothing about the original URI;
    // it is only the key under which the state above is stored.
    final String rawRelayState = UUID.randomUUID().toString();
    final String relayState = URLEncoder.encode(rawRelayState, StandardCharsets.UTF_8.name());
    getStateProvider().setRequestState(relayState, requestState);

    final SamlRequestInfo info = new SamlRequestInfo();
    info.setSamlRequest(encodedRequest);
    info.setRelayState(relayState);
    info.setWebAppContext(webAppContext);
    info.setWebAppDomain(getWebAppDomain());
    return info;
}
Also used : RequestState(org.apache.cxf.rs.security.saml.sso.state.RequestState) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) Element(org.w3c.dom.Element) Document(org.w3c.dom.Document) UriInfoImpl(org.apache.cxf.jaxrs.impl.UriInfoImpl)

Example 82 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project cxf by apache.

the class AuthnRequestBuilderTest method testAuthnRequestBuilder.

/**
 * Smoke test: the default builder produces an AuthnRequest for an empty message
 * that can be converted to a DOM element and attached to a document.
 *
 * <p>Only non-nullness of the element is asserted; the request's content
 * (issuer, ACS URL, ID) is not checked here.
 */
@org.junit.Test
public void testAuthnRequestBuilder() throws Exception {
    final String issuerId = "http://localhost:9001/app";
    final String assertionServiceUrl = "http://localhost:9001/sso";

    final Document ownerDoc = DOMUtils.createDocument();
    final AuthnRequestBuilder builder = new DefaultAuthnRequestBuilder();
    final Message emptyMessage = new MessageImpl();

    final AuthnRequest request = builder.createAuthnRequest(emptyMessage, issuerId, assertionServiceUrl);

    final Element requestElement = OpenSAMLUtil.toDom(request, ownerDoc);
    ownerDoc.appendChild(requestElement);
    // To inspect the serialized request while debugging:
    // String outputString = DOM2Writer.nodeToString(requestElement);
    assertNotNull(requestElement);
}
Also used : Message(org.apache.cxf.message.Message) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) Element(org.w3c.dom.Element) Document(org.w3c.dom.Document) MessageImpl(org.apache.cxf.message.MessageImpl)

Example 83 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project cxf by apache.

the class AuthnRequestBuilderTest method testCreateAuthnRequest.

/**
 * Smoke test: an AuthnRequest assembled from explicitly built components
 * (issuer, NameIDPolicy, RequestedAuthnContext) can be converted to DOM.
 *
 * <p>The request asks for a persistent NameID, an EXACT match on the
 * PasswordProtectedTransport context class, and the HTTP-POST binding, with
 * ForceAuthn and IsPassive both false. Only non-nullness of the resulting
 * element is asserted.
 */
@org.junit.Test
public void testCreateAuthnRequest() throws Exception {
    final Document ownerDoc = DOMUtils.createDocument();

    final Issuer requestIssuer = SamlpRequestComponentBuilder.createIssuer("http://localhost:9001/app");

    // NOTE(review): the first and third arguments are presumably allowCreate and the
    // SP name qualifier - confirm against createNameIDPolicy.
    final NameIDPolicy persistentIdPolicy = SamlpRequestComponentBuilder.createNameIDPolicy(
        true,
        "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
        "Issuer");

    final AuthnContextClassRef passwordTransportRef = SamlpRequestComponentBuilder.createAuthnCtxClassRef(
        "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
    final RequestedAuthnContext requestedContext = SamlpRequestComponentBuilder.createRequestedAuthnCtxPolicy(
        AuthnContextComparisonTypeEnumeration.EXACT,
        Collections.singletonList(passwordTransportRef),
        null);

    final AuthnRequest request = SamlpRequestComponentBuilder.createAuthnRequest(
        "http://localhost:9001/sso",
        false,
        false,
        "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
        SAMLVersion.VERSION_20,
        requestIssuer,
        persistentIdPolicy,
        requestedContext);

    final Element requestElement = OpenSAMLUtil.toDom(request, ownerDoc);
    ownerDoc.appendChild(requestElement);
    // To inspect the serialized request while debugging:
    // String outputString = DOM2Writer.nodeToString(requestElement);
    assertNotNull(requestElement);
}
Also used : RequestedAuthnContext(org.opensaml.saml.saml2.core.RequestedAuthnContext) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) Issuer(org.opensaml.saml.saml2.core.Issuer) NameIDPolicy(org.opensaml.saml.saml2.core.NameIDPolicy) Element(org.w3c.dom.Element) AuthnContextClassRef(org.opensaml.saml.saml2.core.AuthnContextClassRef) Document(org.w3c.dom.Document)

Example 84 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project cxf by apache.

the class SamlpRequestComponentBuilder method createAuthnRequest.

/**
 * Builds a SAML 2.0 AuthnRequest from the supplied components.
 *
 * <p>The request ID and IssueInstant are generated here; every other attribute
 * is copied from the arguments without validation. The returned request is
 * not signed by this method.
 *
 * @param serviceURL value for AssertionConsumerServiceURL
 * @param forceAuthn value for ForceAuthn
 * @param isPassive value for IsPassive
 * @param protocolBinding value for ProtocolBinding
 * @param version SAML version to set on the request
 * @param issuer Issuer element to attach
 * @param nameIDPolicy NameIDPolicy element to attach
 * @param requestedAuthnCtx RequestedAuthnContext element to attach
 * @return the populated AuthnRequest
 */
@SuppressWarnings("unchecked")
public static // CHECKSTYLE:OFF
AuthnRequest createAuthnRequest(String serviceURL, boolean forceAuthn, boolean isPassive, String protocolBinding, SAMLVersion version, Issuer issuer, NameIDPolicy nameIDPolicy, RequestedAuthnContext requestedAuthnCtx) {
    // CHECKSTYLE:ON
    // The builder is looked up once and cached in a static field.
    // NOTE(review): this check-then-assign is unsynchronized as written; whether a
    // duplicate lookup under contention is harmless is not visible here - confirm.
    if (authnRequestBuilder == null) {
        authnRequestBuilder = (SAMLObjectBuilder<AuthnRequest>) builderFactory.getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME);
    }
    final AuthnRequest request = authnRequestBuilder.buildObject();

    // Request identity. The ID is a random UUID; the leading underscore keeps it a
    // valid XML ID even when the UUID itself starts with a digit.
    request.setID("_" + UUID.randomUUID());
    request.setVersion(version);
    request.setIssueInstant(new DateTime());
    request.setIssuer(issuer);

    // Where and how the response should be delivered.
    request.setAssertionConsumerServiceURL(serviceURL);
    request.setProtocolBinding(protocolBinding);

    // Authentication requirements passed on to the IdP.
    request.setForceAuthn(forceAuthn);
    request.setIsPassive(isPassive);
    request.setNameIDPolicy(nameIDPolicy);
    request.setRequestedAuthnContext(requestedAuthnCtx);

    return request;
}
Also used : AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) DateTime(org.joda.time.DateTime)

Example 85 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project verify-hub by alphagov.

the class AuthnRequestFactory method anInvalidAuthnRequest.

/**
 * Test fixture: builds an AuthnRequest, strips its signature and returns it
 * serialized by {@code XmlObjectToBase64EncodedStringTransformer}.
 *
 * <p>The result is meant to be rejected by the code under test: it is an
 * unsigned request whose ID has been padded to 1200 characters.
 *
 * @return the serialized, unsigned request
 */
public String anInvalidAuthnRequest(String id, String issuer, Optional<Boolean> forceAuthentication, Optional<URI> assertionConsumerServiceUrl, Optional<Integer> assertionConsumerServiceIndex, String publicCert, String privateKey, String ssoRequestEndpoint, Optional<DateTime> issueInstant) {
    // Pad the ID so the request is long enough.
    // NOTE(review): presumably this clears a minimum-size check so that the missing
    // signature is what gets exercised - confirm against the validator under test.
    final String paddedId = StringUtils.rightPad(id, 1200, "x");
    final AuthnRequest unsignedRequest = getAuthnRequest(paddedId, issuer, forceAuthentication, assertionConsumerServiceUrl, assertionConsumerServiceIndex, publicCert, privateKey, ssoRequestEndpoint, issueInstant);

    // Drop whatever signature getAuthnRequest attached.
    unsignedRequest.setSignature(null);

    // A plain transformer is used here so that no Signature elements are added back.
    return new XmlObjectToBase64EncodedStringTransformer<XMLObject>().apply(unsignedRequest);
}
Also used : AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) XMLObject(org.opensaml.core.xml.XMLObject) XmlObjectToBase64EncodedStringTransformer(uk.gov.ida.saml.serializers.XmlObjectToBase64EncodedStringTransformer)

Aggregations

AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)120 Test (org.junit.jupiter.api.Test)37 lombok.val (lombok.val)26 Issuer (org.opensaml.saml.saml2.core.Issuer)21 AuthnRequest (org.opensaml.saml2.core.AuthnRequest)17 DateTime (org.joda.time.DateTime)16 AuthnRequestBuilder.anAuthnRequest (uk.gov.ida.saml.core.test.builders.AuthnRequestBuilder.anAuthnRequest)15 IdaAuthnRequestFromHub (uk.gov.ida.saml.hub.domain.IdaAuthnRequestFromHub)12 IdaAuthnRequestBuilder.anIdaAuthnRequest (uk.gov.ida.saml.hub.test.builders.IdaAuthnRequestBuilder.anIdaAuthnRequest)12 MessageContext (org.opensaml.messaging.context.MessageContext)10 SAMLObjectBuilder (org.opensaml.saml.common.SAMLObjectBuilder)10 Element (org.w3c.dom.Element)10 RequestedAuthnContext (org.opensaml.saml.saml2.core.RequestedAuthnContext)9 SamlRegisteredService (org.apereo.cas.support.saml.services.SamlRegisteredService)8 SamlRegisteredServiceServiceProviderMetadataFacade (org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade)8 NameIDPolicy (org.opensaml.saml.saml2.core.NameIDPolicy)8 IOException (java.io.IOException)7 XMLObject (org.opensaml.core.xml.XMLObject)7 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)6 AuthnRequestBuilder (org.opensaml.saml.saml2.core.impl.AuthnRequestBuilder)6