Example 6 with StatusCode
use of org.opensaml.saml2.core.StatusCode in project cloudstack by apache.
the class SAML2LogoutAPIAuthenticatorCmd method authenticate.
@Override
public String authenticate(String command, Map<String, Object[]> params, HttpSession session, InetAddress remoteAddress, String responseType, StringBuilder auditTrailSb, final HttpServletRequest req, final HttpServletResponse resp) throws ServerApiException {
auditTrailSb.append("=== SAML SLO Logging out ===");
LogoutCmdResponse response = new LogoutCmdResponse();
response.setDescription("success");
response.setResponseName(getCommandName());
String responseString = ApiResponseSerializer.toSerializedString(response, responseType);
if (session == null) {
try {
resp.sendRedirect(SAML2AuthManager.SAMLCloudStackRedirectionUrl.value());
} catch (IOException ignored) {
s_logger.info("[ignored] sending redirected failed.", ignored);
}
return responseString;
}
try {
DefaultBootstrap.bootstrap();
} catch (ConfigurationException | FactoryConfigurationError e) {
s_logger.error("OpenSAML Bootstrapping error: " + e.getMessage());
throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(), "OpenSAML Bootstrapping error while creating SP MetaData", params, responseType));
}
if (params != null && params.containsKey("SAMLResponse")) {
try {
final String samlResponse = ((String[]) params.get(SAMLPluginConstants.SAML_RESPONSE))[0];
Response processedSAMLResponse = SAMLUtils.decodeSAMLResponse(samlResponse);
String statusCode = processedSAMLResponse.getStatus().getStatusCode().getValue();
if (!statusCode.equals(StatusCode.SUCCESS_URI)) {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.INTERNAL_ERROR.getHttpCode(), "SAML SLO LogoutResponse status is not Success", params, responseType));
}
} catch (ConfigurationException | FactoryConfigurationError | ParserConfigurationException | SAXException | IOException | UnmarshallingException e) {
s_logger.error("SAMLResponse processing error: " + e.getMessage());
}
try {
resp.sendRedirect(SAML2AuthManager.SAMLCloudStackRedirectionUrl.value());
} catch (IOException ignored) {
s_logger.info("[ignored] second redirected sending failed.", ignored);
}
return responseString;
}
String idpId = (String) session.getAttribute(SAMLPluginConstants.SAML_IDPID);
SAMLProviderMetadata idpMetadata = _samlAuthManager.getIdPMetadata(idpId);
String nameId = (String) session.getAttribute(SAMLPluginConstants.SAML_NAMEID);
if (idpMetadata == null || nameId == null || nameId.isEmpty()) {
try {
resp.sendRedirect(SAML2AuthManager.SAMLCloudStackRedirectionUrl.value());
} catch (IOException ignored) {
s_logger.info("[ignored] final redirected failed.", ignored);
}
return responseString;
}
LogoutRequest logoutRequest = SAMLUtils.buildLogoutRequest(idpMetadata.getSloUrl(), _samlAuthManager.getSPMetadata().getEntityId(), nameId);
try {
String redirectUrl = idpMetadata.getSloUrl() + "?SAMLRequest=" + SAMLUtils.encodeSAMLRequest(logoutRequest);
resp.sendRedirect(redirectUrl);
} catch (MarshallingException | IOException e) {
s_logger.error("SAML SLO error: " + e.getMessage());
throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(), "SAML Single Logout Error", params, responseType));
}
return responseString;
}
Also used :
IOException(java.io.IOException)
SAXException(org.xml.sax.SAXException)
Response(org.opensaml.saml2.core.Response)
LogoutCmdResponse(org.apache.cloudstack.api.response.LogoutCmdResponse)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
ServerApiException(org.apache.cloudstack.api.ServerApiException)
MarshallingException(org.opensaml.xml.io.MarshallingException)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
ConfigurationException(org.opensaml.xml.ConfigurationException)
LogoutRequest(org.opensaml.saml2.core.LogoutRequest)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
SAMLProviderMetadata(org.apache.cloudstack.saml.SAMLProviderMetadata)
LogoutCmdResponse(org.apache.cloudstack.api.response.LogoutCmdResponse)
FactoryConfigurationError(javax.xml.stream.FactoryConfigurationError)
UnmarshallingException(org.opensaml.xml.io.UnmarshallingException)
Example 7 with StatusCode
use of org.opensaml.saml2.core.StatusCode in project ddf by codice.
the class SamlProtocol method createStatus.
public static Status createStatus(String statusValue) {
Status status = statusBuilder.buildObject();
StatusCode statusCode = statusCodeBuilder.buildObject();
statusCode.setValue(statusValue);
status.setStatusCode(statusCode);
return status;
}
Also used :
Status(org.opensaml.saml.saml2.core.Status)
StatusCode(org.opensaml.saml.saml2.core.StatusCode)
Aggregations
HttpServletResponse (javax.servlet.http.HttpServletResponse)3
Status (org.opensaml.saml.saml2.core.Status)3
StatusCode (org.opensaml.saml.saml2.core.StatusCode)3
Response (org.opensaml.saml2.core.Response)3
IOException (java.io.IOException)2
ServerApiException (org.apache.cloudstack.api.ServerApiException)2
SAMLProviderMetadata (org.apache.cloudstack.saml.SAMLProviderMetadata)2
StatusMessage (org.opensaml.saml.saml2.core.StatusMessage)2
Assertion (org.opensaml.saml2.core.Assertion)2
Issuer (org.opensaml.saml2.core.Issuer)2
CloudAuthenticationException (com.cloud.exception.CloudAuthenticationException)1
UserAccount (com.cloud.user.UserAccount)1
UserAccountVO (com.cloud.user.UserAccountVO)1
ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)1
FactoryConfigurationError (javax.xml.stream.FactoryConfigurationError)1
LoginCmdResponse (org.apache.cloudstack.api.response.LoginCmdResponse)1
LogoutCmdResponse (org.apache.cloudstack.api.response.LogoutCmdResponse)1
SAMLTokenVO (org.apache.cloudstack.saml.SAMLTokenVO)1
DateTime (org.joda.time.DateTime)1
Status (org.opensaml.saml.saml1.core.Status)1
