
Example 1 with IDPSSODescriptor

use of org.opensaml.saml2.metadata.IDPSSODescriptor in project ddf by codice.

the class IdpMetadata method initSingleSignOut.

/**
 * Caches the IDP's single-logout endpoint (binding and location) from its
 * IDPSSODescriptor when one is advertised. Nothing is changed when the
 * descriptor is absent or when no SingleLogoutService is selected.
 *
 * Note: despite its name, this method reads the single <em>logout</em>
 * services of the descriptor, not the single sign-on services.
 */
private void initSingleSignOut() {
    IDPSSODescriptor idp = getDescriptor();
    if (idp == null) {
        return;
    }
    // initSingleSomething chooses the endpoint to use; per the original comment
    // HTTP-Redirect is preferred over HTTP-POST when both are listed.
    Optional<? extends Endpoint> logoutEndpoint = initSingleSomething(idp.getSingleLogoutServices());
    logoutEndpoint.ifPresent(endpoint -> {
        singleLogoutBinding = endpoint.getBinding();
        singleLogoutLocation = endpoint.getLocation();
    });
}

Example 2 with IDPSSODescriptor

use of org.opensaml.saml2.metadata.IDPSSODescriptor in project verify-hub by alphagov.

the class CountrySingleSignOnServiceHelper method getSingleSignOn.

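/**
 * Looks up the SingleSignOnService location that the given IDP advertises in its SAML metadata.
 *
 * <p>The metadata is fetched from {@code entityId} itself ({@code URI.create(entityId)} is handed
 * to the resolver as the metadata location), so this should only be invoked for entity ids that
 * have already been checked against the configured trusted IDPs — confirm at the call site.
 *
 * @param entityId entity id (and metadata URL) of the IDP
 * @return the location of the first advertised SingleSignOnService
 * @throws ApplicationException with {@code NOT_FOUND} when no entity descriptor, no SAML 2.0 IDP
 *     role or no SingleSignOnService is found
 * @throws RuntimeException (via {@code propagate}) when metadata resolution fails
 */
public URI getSingleSignOn(String entityId) {
    // One resolver per call; it is destroyed in the finally block below.
    EidasMetadataResolver metadataResolver = new EidasMetadataResolver(new Timer(), client, URI.create(entityId));
    try {
        EntityDescriptor idpEntityDescriptor;
        try {
            CriteriaSet criteria = new CriteriaSet(new EntityIdCriterion(entityId));
            idpEntityDescriptor = metadataResolver.resolveSingle(criteria);
        } catch (ResolverException e) {
            // Pass the exception as the throwable argument so the stack trace is recorded,
            // instead of formatting e.toString() into the message and losing it.
            LOG.error(format("Exception when accessing metadata for IDP entityId: {0}", entityId), e);
            throw propagate(e);
        }
        if (idpEntityDescriptor != null) {
            final IDPSSODescriptor idpssoDescriptor = idpEntityDescriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
            // getIDPSSODescriptor returns null when the entity carries no SAML 2.0 IDP role;
            // without this check the lookup below failed with an NPE instead of NOT_FOUND.
            if (idpssoDescriptor == null) {
                LOG.error(format("No SAML 2.0 IDPSSODescriptor present for IDP entityId: {0}", entityId));
            } else {
                final List<SingleSignOnService> singleSignOnServices = idpssoDescriptor.getSingleSignOnServices();
                if (singleSignOnServices.isEmpty()) {
                    LOG.error(format("No singleSignOnServices present for IDP entityId: {0}", entityId));
                } else {
                    if (singleSignOnServices.size() > 1) {
                        LOG.warn(format("More than one singleSignOnService present: {0} for {1}", singleSignOnServices.size(), entityId));
                    }
                    // The first entry is used regardless of its Binding attribute — TODO confirm
                    // this matches the binding the caller will send the request with.
                    return URI.create(singleSignOnServices.get(0).getLocation());
                }
            }
        }
        throw ApplicationException.createUnauditedException(ExceptionType.NOT_FOUND, UUID.randomUUID(), new RuntimeException(format("no entity descriptor for IDP: {0}", entityId)));
    } finally {
        // Never null here: the constructor call above either succeeds or throws before the try.
        metadataResolver.destroy();
    }
}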

Example 3 with IDPSSODescriptor

use of org.opensaml.saml2.metadata.IDPSSODescriptor in project pac4j by pac4j.

the class SAML2WebSSOMessageSender method sendMessage.

/**
 * Encodes and sends the authentication request to the IDP's single sign-on endpoint.
 *
 * <p>A new outbound {@link SAML2MessageContext} is derived from {@code context}: the profile
 * request context, peer-entity role/id and protocol are copied across, the SP's
 * AssertionConsumerService and the IDP's SingleSignOnService for {@code destinationBindingType}
 * become the local and peer endpoints, and signing parameters are built from the SP descriptor.
 * Once the outbound handlers have run and the encoder has emitted the message, the request is
 * stored under its ID when a message storage is configured.
 *
 * @param context      the current SAML2 message context
 * @param authnRequest the request to send
 * @param relayState   forwarded unchanged via {@code toString()} when non-null; any length or
 *                     content restriction has to be applied by the caller — TODO confirm
 * @throws SAMLException if encoding the message or initialising the encoder fails
 */
@Override
public void sendMessage(final SAML2MessageContext context, final AuthnRequest authnRequest, final Object relayState) {
    final SPSSODescriptor serviceProvider = context.getSPSSODescriptor();
    final IDPSSODescriptor identityProvider = context.getIDPSSODescriptor();
    final SingleSignOnService ssoEndpoint = context.getIDPSingleSignOnService(destinationBindingType);
    final AssertionConsumerService acsEndpoint = context.getSPAssertionConsumerService();
    final MessageEncoder messageEncoder = getMessageEncoder(context);

    // Build the outbound context from the inbound one, then copy over what the encoder needs.
    final SAML2MessageContext outbound = new SAML2MessageContext(context);
    outbound.getProfileRequestContext().setProfileId(context.getProfileRequestContext().getProfileId());
    outbound.getProfileRequestContext().setInboundMessageContext(context.getProfileRequestContext().getInboundMessageContext());
    outbound.getProfileRequestContext().setOutboundMessageContext(context.getProfileRequestContext().getOutboundMessageContext());
    outbound.setMessage(authnRequest);
    outbound.getSAMLEndpointContext().setEndpoint(acsEndpoint);
    outbound.getSAMLPeerEndpointContext().setEndpoint(ssoEndpoint);
    outbound.getSAMLPeerEntityContext().setRole(context.getSAMLPeerEntityContext().getRole());
    outbound.getSAMLPeerEntityContext().setEntityId(context.getSAMLPeerEntityContext().getEntityId());
    outbound.getSAMLProtocolContext().setProtocol(context.getSAMLProtocolContext().getProtocol());
    // Signing parameters come from the SP's own metadata role.
    outbound.getSecurityParametersContext().setSignatureSigningParameters(this.signatureSigningParametersProvider.build(serviceProvider));

    final String relay = relayState == null ? null : relayState.toString();
    if (relay != null) {
        outbound.getSAMLBindingContext().setRelayState(relay);
    }

    try {
        invokeOutboundMessageHandlers(serviceProvider, identityProvider, outbound);
        // Encoder lifecycle: context -> initialize -> prepareContext -> encode, in this order.
        messageEncoder.setMessageContext(outbound);
        messageEncoder.initialize();
        messageEncoder.prepareContext();
        messageEncoder.encode();
        // Remember the sent request (keyed by its ID) so the response can be correlated later,
        // but only when a storage has been configured on the context.
        final SAMLMessageStorage storage = context.getSAMLMessageStorage();
        if (storage != null) {
            storage.storeMessage(authnRequest.getID(), authnRequest);
        }
    } catch (final MessageEncodingException e) {
        throw new SAMLException("Error encoding saml message", e);
    } catch (final ComponentInitializationException e) {
        throw new SAMLException("Error initializing saml encoder", e);
    }
}

Example 4 with IDPSSODescriptor

use of org.opensaml.saml2.metadata.IDPSSODescriptor in project pac4j by pac4j.

the class SAML2MessageContext method getIDPSSODescriptor.

/**
 * Returns the IDP role descriptor held by the peer metadata context.
 *
 * <p>The role descriptor is cast without an {@code instanceof} check and without a null check,
 * so the result may be {@code null} when no role descriptor has been resolved yet.
 *
 * @return the peer's role descriptor as an {@link IDPSSODescriptor}, or {@code null}
 * @throws ClassCastException if the peer role descriptor is not an IDPSSODescriptor
 */
public final IDPSSODescriptor getIDPSSODescriptor() {
    return (IDPSSODescriptor) getSAMLPeerMetadataContext().getRoleDescriptor();
}

Example 5 with IDPSSODescriptor

use of org.opensaml.saml2.metadata.IDPSSODescriptor in project pentaho-engineering-samples by pentaho.

the class PentahoSamlLogoutFilter method idpContainsGlobalLogoutEndpoint.

/**
 * Tells whether the peer IDP's metadata advertises a logout binding usable with the local SP role.
 *
 * @param request  current request, used to resolve the local and peer entities
 * @param response current response, passed through to the context provider
 * @return {@code true} when {@code SAMLUtil.getLogoutBinding} yields a non-empty binding;
 *     {@code false} when none is found or when the metadata lookup fails (the failure is
 *     logged, not propagated)
 */
private boolean idpContainsGlobalLogoutEndpoint(HttpServletRequest request, HttpServletResponse response) {
    try {
        SAMLMessageContext ctx = contextProvider.getLocalAndPeerEntity(request, response);
        // Both casts are unchecked: a peer or local role that is not IDP/SP would surface as a
        // ClassCastException, which the catch below does not cover.
        IDPSSODescriptor peerRole = (IDPSSODescriptor) ctx.getPeerEntityRoleMetadata();
        SPSSODescriptor localRole = (SPSSODescriptor) ctx.getLocalEntityRoleMetadata();
        String logoutBinding = SAMLUtil.getLogoutBinding(peerRole, localRole);
        return logoutBinding != null && !logoutBinding.isEmpty();
    } catch (MetadataProviderException e) {
        // Best effort: a metadata failure is treated as "no global logout endpoint".
        logger.error(e.getMessage(), e);
        return false;
    }
}
