Examples with AuthnRequest org.opensaml.saml2.core.AuthnRequest used on opensource projects

Search in sources :

Example 16 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project spring-security by spring-projects.

the class OpenSamlAuthenticationRequestFactoryTests method getAuthNRequest.

private AuthnRequest getAuthNRequest(Saml2MessageBinding binding) {
    AbstractSaml2AuthenticationRequest result = (binding == Saml2MessageBinding.REDIRECT) ? this.factory.createRedirectAuthenticationRequest(this.context) : this.factory.createPostAuthenticationRequest(this.context);
    String samlRequest = result.getSamlRequest();
    assertThat(samlRequest).isNotEmpty();
    if (result.getBinding() == Saml2MessageBinding.REDIRECT) {
        samlRequest = Saml2Utils.samlInflate(Saml2Utils.samlDecode(samlRequest));
    } else {
        samlRequest = new String(Saml2Utils.samlDecode(samlRequest), StandardCharsets.UTF_8);
    }
    try {
        Document document = XMLObjectProviderRegistrySupport.getParserPool().parse(new ByteArrayInputStream(samlRequest.getBytes(StandardCharsets.UTF_8)));
        Element element = document.getDocumentElement();
        return (AuthnRequest) this.unmarshaller.unmarshall(element);
    } catch (Exception ex) {
        throw new Saml2Exception(ex);
    }
}
Also used : AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) ByteArrayInputStream(java.io.ByteArrayInputStream) Element(org.w3c.dom.Element) Document(org.w3c.dom.Document) Saml2Exception(org.springframework.security.saml2.Saml2Exception) Saml2Exception(org.springframework.security.saml2.Saml2Exception) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException)

Example 17 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project spring-security by spring-projects.

the class OpenSaml4AuthenticationRequestFactory method createAuthnRequest.

private AuthnRequest createAuthnRequest(Saml2AuthenticationRequestContext context) {
    String issuer = context.getIssuer();
    String destination = context.getDestination();
    String assertionConsumerServiceUrl = context.getAssertionConsumerServiceUrl();
    String protocolBinding = context.getRelyingPartyRegistration().getAssertionConsumerServiceBinding().getUrn();
    AuthnRequest auth = this.authnRequestBuilder.buildObject();
    if (auth.getID() == null) {
        auth.setID("ARQ" + UUID.randomUUID().toString().substring(1));
    }
    if (auth.getIssueInstant() == null) {
        auth.setIssueInstant(Instant.now(this.clock));
    }
    if (auth.isForceAuthn() == null) {
        auth.setForceAuthn(Boolean.FALSE);
    }
    if (auth.isPassive() == null) {
        auth.setIsPassive(Boolean.FALSE);
    }
    if (auth.getProtocolBinding() == null) {
        auth.setProtocolBinding(SAMLConstants.SAML2_POST_BINDING_URI);
    }
    auth.setProtocolBinding(protocolBinding);
    if (auth.getNameIDPolicy() == null) {
        setNameIdPolicy(auth, context.getRelyingPartyRegistration());
    }
    Issuer iss = this.issuerBuilder.buildObject();
    iss.setValue(issuer);
    auth.setIssuer(iss);
    auth.setDestination(destination);
    auth.setAssertionConsumerServiceURL(assertionConsumerServiceUrl);
    return auth;
}
Also used : AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) Issuer(org.opensaml.saml.saml2.core.Issuer)

Example 18 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project spring-security by spring-projects.

the class OpenSaml4AuthenticationRequestFactory method createAuthenticationRequest.

/**
 * {@inheritDoc}
 */
@Override
@Deprecated
public String createAuthenticationRequest(Saml2AuthenticationRequest request) {
    RelyingPartyRegistration registration = RelyingPartyRegistration.withRegistrationId("noId").assertionConsumerServiceBinding(Saml2MessageBinding.POST).assertionConsumerServiceLocation(request.getAssertionConsumerServiceUrl()).entityId(request.getIssuer()).remoteIdpEntityId("noIssuer").idpWebSsoUrl("noUrl").credentials((credentials) -> credentials.addAll(request.getCredentials())).build();
    Saml2AuthenticationRequestContext context = Saml2AuthenticationRequestContext.builder().relyingPartyRegistration(registration).issuer(request.getIssuer()).assertionConsumerServiceUrl(request.getAssertionConsumerServiceUrl()).build();
    AuthnRequest authnRequest = this.authenticationRequestContextConverter.convert(context);
    return OpenSamlSigningUtils.serialize(OpenSamlSigningUtils.sign(authnRequest, registration));
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Converter(org.springframework.core.convert.converter.Converter) OpenSamlInitializationService(org.springframework.security.saml2.core.OpenSamlInitializationService) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) ConfigurationService(org.opensaml.core.config.ConfigurationService) NameIDPolicyBuilder(org.opensaml.saml.saml2.core.impl.NameIDPolicyBuilder) UUID(java.util.UUID) Instant(java.time.Instant) StandardCharsets(java.nio.charset.StandardCharsets) XMLObjectProviderRegistry(org.opensaml.core.xml.config.XMLObjectProviderRegistry) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) IssuerBuilder(org.opensaml.saml.saml2.core.impl.IssuerBuilder) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) AuthnRequestBuilder(org.opensaml.saml.saml2.core.impl.AuthnRequestBuilder) Saml2ParameterNames(org.springframework.security.saml2.core.Saml2ParameterNames) Issuer(org.opensaml.saml.saml2.core.Issuer) Map(java.util.Map) Clock(java.time.Clock) NameIDPolicy(org.opensaml.saml.saml2.core.NameIDPolicy) SAMLConstants(org.opensaml.saml.common.xml.SAMLConstants) QueryParametersPartial(org.springframework.security.saml2.provider.service.authentication.OpenSamlSigningUtils.QueryParametersPartial) Assert(org.springframework.util.Assert) StringUtils(org.springframework.util.StringUtils) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest)

Example 19 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project spring-security by spring-projects.

the class OpenSaml4AuthenticationRequestFactory method createPostAuthenticationRequest.

/**
 * {@inheritDoc}
 */
@Override
public Saml2PostAuthenticationRequest createPostAuthenticationRequest(Saml2AuthenticationRequestContext context) {
    AuthnRequest authnRequest = this.authenticationRequestContextConverter.convert(context);
    RelyingPartyRegistration registration = context.getRelyingPartyRegistration();
    if (registration.getAssertingPartyDetails().getWantAuthnRequestsSigned()) {
        OpenSamlSigningUtils.sign(authnRequest, registration);
    }
    String xml = OpenSamlSigningUtils.serialize(authnRequest);
    return Saml2PostAuthenticationRequest.withAuthenticationRequestContext(context).samlRequest(Saml2Utils.samlEncode(xml.getBytes(StandardCharsets.UTF_8))).build();
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest)

Example 20 with AuthnRequest

use of org.opensaml.saml2.core.AuthnRequest in project cloudstack by apache.

the class SAMLUtils method buildAuthnRequestObject.

public static AuthnRequest buildAuthnRequestObject(final String authnId, final String spId, final String idpUrl, final String consumerUrl) {
    // Issuer object
    IssuerBuilder issuerBuilder = new IssuerBuilder();
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(spId);
    // AuthnContextClass
    AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder();
    AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject(SAMLConstants.SAML20_NS, "AuthnContextClassRef", "saml");
    authnContextClassRef.setAuthnContextClassRef(AuthnContext.PPT_AUTHN_CTX);
    // AuthnContext
    RequestedAuthnContextBuilder requestedAuthnContextBuilder = new RequestedAuthnContextBuilder();
    RequestedAuthnContext requestedAuthnContext = requestedAuthnContextBuilder.buildObject();
    requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
    requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef);
    // Creation of AuthRequestObject
    AuthnRequestBuilder authRequestBuilder = new AuthnRequestBuilder();
    AuthnRequest authnRequest = authRequestBuilder.buildObject();
    authnRequest.setID(authnId);
    authnRequest.setDestination(idpUrl);
    authnRequest.setVersion(SAMLVersion.VERSION_20);
    authnRequest.setForceAuthn(false);
    authnRequest.setIsPassive(false);
    authnRequest.setIssueInstant(new DateTime());
    authnRequest.setProtocolBinding(SAMLConstants.SAML2_POST_BINDING_URI);
    authnRequest.setAssertionConsumerServiceURL(consumerUrl);
    authnRequest.setProviderName(spId);
    authnRequest.setIssuer(issuer);
    authnRequest.setRequestedAuthnContext(requestedAuthnContext);
    return authnRequest;
}
Also used : RequestedAuthnContextBuilder(org.opensaml.saml2.core.impl.RequestedAuthnContextBuilder) RequestedAuthnContext(org.opensaml.saml2.core.RequestedAuthnContext) AuthnRequest(org.opensaml.saml2.core.AuthnRequest) Issuer(org.opensaml.saml2.core.Issuer) AuthnContextClassRef(org.opensaml.saml2.core.AuthnContextClassRef) IssuerBuilder(org.opensaml.saml2.core.impl.IssuerBuilder) AuthnRequestBuilder(org.opensaml.saml2.core.impl.AuthnRequestBuilder) AuthnContextClassRefBuilder(org.opensaml.saml2.core.impl.AuthnContextClassRefBuilder) DateTime(org.joda.time.DateTime)

Aggregations

AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)113 Test (org.junit.jupiter.api.Test)35 lombok.val (lombok.val)26 Issuer (org.opensaml.saml.saml2.core.Issuer)21 AuthnRequestBuilder.anAuthnRequest (uk.gov.ida.saml.core.test.builders.AuthnRequestBuilder.anAuthnRequest)15 IdaAuthnRequestFromHub (uk.gov.ida.saml.hub.domain.IdaAuthnRequestFromHub)12 IdaAuthnRequestBuilder.anIdaAuthnRequest (uk.gov.ida.saml.hub.test.builders.IdaAuthnRequestBuilder.anIdaAuthnRequest)12 SAMLObjectBuilder (org.opensaml.saml.common.SAMLObjectBuilder)11 DateTime (org.joda.time.DateTime)10 MessageContext (org.opensaml.messaging.context.MessageContext)9 NameIDPolicy (org.opensaml.saml.saml2.core.NameIDPolicy)9 RequestedAuthnContext (org.opensaml.saml.saml2.core.RequestedAuthnContext)9 Document (org.w3c.dom.Document)9 SamlRegisteredService (org.apereo.cas.support.saml.services.SamlRegisteredService)8 SamlRegisteredServiceServiceProviderMetadataFacade (org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade)8 XMLObject (org.opensaml.core.xml.XMLObject)7 IOException (java.io.IOException)6 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)6 AuthnRequestBuilder (org.opensaml.saml.saml2.core.impl.AuthnRequestBuilder)6 IssuerBuilder (org.opensaml.saml.saml2.core.impl.IssuerBuilder)6
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial