Example 16 with IDPSSODescriptor
use of org.opensaml.saml2.metadata.IDPSSODescriptor in project verify-hub by alphagov.
the class NodeMetadataFactory method createCountryEntityDescriptor.
public static EntityDescriptor createCountryEntityDescriptor(String entityID) {
Signature entityDescriptorSignature = createSignature();
KeyDescriptor keyDescriptor = KeyDescriptorBuilder.aKeyDescriptor().withX509ForSigning(TEST_PUBLIC_CERT).build();
IDPSSODescriptor idpssoDescriptor = IdpSsoDescriptorBuilder.anIdpSsoDescriptor().addKeyDescriptor(keyDescriptor).build();
try {
return getEntityDescriptor(entityID, idpssoDescriptor, entityDescriptorSignature);
} catch (MarshallingException | SignatureException e) {
throw Throwables.propagate(e);
}
}
Also used :
IDPSSODescriptor(org.opensaml.saml.saml2.metadata.IDPSSODescriptor)
MarshallingException(org.opensaml.core.xml.io.MarshallingException)
KeyDescriptor(org.opensaml.saml.saml2.metadata.KeyDescriptor)
Signature(org.opensaml.xmlsec.signature.Signature)
SignatureException(org.opensaml.xmlsec.signature.support.SignatureException)
Example 17 with IDPSSODescriptor
use of org.opensaml.saml2.metadata.IDPSSODescriptor in project verify-hub by alphagov.
the class NodeMetadataFactory method createCountryEntityDescriptor.
public static EntityDescriptor createCountryEntityDescriptor(String entityID) {
Signature entityDescriptorSignature = createSignature();
KeyDescriptor keyDescriptor = KeyDescriptorBuilder.aKeyDescriptor().withX509ForSigning(TEST_PUBLIC_CERT).build();
IDPSSODescriptor idpssoDescriptor = IdpSsoDescriptorBuilder.anIdpSsoDescriptor().addKeyDescriptor(keyDescriptor).build();
try {
return getEntityDescriptor(entityID, idpssoDescriptor, entityDescriptorSignature);
} catch (MarshallingException | SignatureException e) {
throw Throwables.propagate(e);
}
}
Also used :
IDPSSODescriptor(org.opensaml.saml.saml2.metadata.IDPSSODescriptor)
MarshallingException(org.opensaml.core.xml.io.MarshallingException)
KeyDescriptor(org.opensaml.saml.saml2.metadata.KeyDescriptor)
Signature(org.opensaml.xmlsec.signature.Signature)
SignatureException(org.opensaml.xmlsec.signature.support.SignatureException)
Example 18 with IDPSSODescriptor
use of org.opensaml.saml2.metadata.IDPSSODescriptor in project pac4j by pac4j.
the class SAML2LogoutMessageSender method sendMessage.
@Override
public void sendMessage(final SAML2MessageContext context, final LogoutRequest logoutRequest, final Object relayState) {
final SPSSODescriptor spDescriptor = context.getSPSSODescriptor();
final IDPSSODescriptor idpssoDescriptor = context.getIDPSSODescriptor();
final SingleLogoutService ssoLogoutService = context.getIDPSingleLogoutService(destinationBindingType);
final AssertionConsumerService acsService = context.getSPAssertionConsumerService();
final MessageEncoder encoder = getMessageEncoder(context);
final SAML2MessageContext outboundContext = new SAML2MessageContext(context);
outboundContext.getProfileRequestContext().setProfileId(context.getProfileRequestContext().getProfileId());
outboundContext.getProfileRequestContext().setInboundMessageContext(context.getProfileRequestContext().getInboundMessageContext());
outboundContext.getProfileRequestContext().setOutboundMessageContext(context.getProfileRequestContext().getOutboundMessageContext());
outboundContext.setMessage(logoutRequest);
outboundContext.getSAMLEndpointContext().setEndpoint(acsService);
outboundContext.getSAMLPeerEndpointContext().setEndpoint(ssoLogoutService);
outboundContext.getSAMLPeerEntityContext().setRole(context.getSAMLPeerEntityContext().getRole());
outboundContext.getSAMLPeerEntityContext().setEntityId(context.getSAMLPeerEntityContext().getEntityId());
outboundContext.getSAMLProtocolContext().setProtocol(context.getSAMLProtocolContext().getProtocol());
outboundContext.getSecurityParametersContext().setSignatureSigningParameters(this.signatureSigningParametersProvider.build(spDescriptor));
if (relayState != null) {
outboundContext.getSAMLBindingContext().setRelayState(relayState.toString());
}
invokeOutboundMessageHandlers(spDescriptor, idpssoDescriptor, outboundContext);
try {
encoder.setMessageContext(outboundContext);
encoder.initialize();
encoder.prepareContext();
encoder.encode();
final SAMLMessageStorage messageStorage = context.getSAMLMessageStorage();
if (messageStorage != null) {
messageStorage.storeMessage(logoutRequest.getID(), logoutRequest);
}
} catch (final MessageEncodingException e) {
throw new SAMLException("Error encoding saml message", e);
} catch (final ComponentInitializationException e) {
throw new SAMLException("Error initializing saml encoder", e);
}
}
Also used :
SPSSODescriptor(org.opensaml.saml.saml2.metadata.SPSSODescriptor)
SAML2MessageContext(org.pac4j.saml.context.SAML2MessageContext)
IDPSSODescriptor(org.opensaml.saml.saml2.metadata.IDPSSODescriptor)
ComponentInitializationException(net.shibboleth.utilities.java.support.component.ComponentInitializationException)
SingleLogoutService(org.opensaml.saml.saml2.metadata.SingleLogoutService)
AssertionConsumerService(org.opensaml.saml.saml2.metadata.AssertionConsumerService)
MessageEncoder(org.opensaml.messaging.encoder.MessageEncoder)
SAMLMessageStorage(org.pac4j.saml.storage.SAMLMessageStorage)
MessageEncodingException(org.opensaml.messaging.encoder.MessageEncodingException)
SAMLException(org.pac4j.saml.exceptions.SAMLException)
Example 19 with IDPSSODescriptor
use of org.opensaml.saml2.metadata.IDPSSODescriptor in project verify-hub by alphagov.
the class IdpSingleSignOnServiceHelper method getSingleSignOn.
public URI getSingleSignOn(String entityId) {
EntityDescriptor idpEntityDescriptor;
try {
CriteriaSet criteria = new CriteriaSet(new EntityIdCriterion(entityId));
idpEntityDescriptor = metadataProvider.resolveSingle(criteria);
} catch (ResolverException e) {
LOG.log(Level.SEVERE, format("Exception when accessing metadata: {0}", e));
throw new RuntimeException(e);
}
if (idpEntityDescriptor != null) {
final IDPSSODescriptor idpssoDescriptor = idpEntityDescriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
final List<SingleSignOnService> singleSignOnServices = idpssoDescriptor.getSingleSignOnServices();
if (singleSignOnServices.isEmpty()) {
LOG.log(Level.SEVERE, format("No singleSignOnServices present for IDP entityId: {0}", entityId));
} else {
if (singleSignOnServices.size() > 1) {
LOG.log(Level.WARNING, format("More than one singleSignOnService present: {0} for {1}", singleSignOnServices.size(), entityId));
}
return URI.create(singleSignOnServices.get(0).getLocation());
}
}
throw ApplicationException.createUnauditedException(ExceptionType.NOT_FOUND, UUID.randomUUID(), new RuntimeException(format("no entity descriptor for IDP: {0}", entityId)));
}
Also used :
EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor)
ResolverException(net.shibboleth.utilities.java.support.resolver.ResolverException)
IDPSSODescriptor(org.opensaml.saml.saml2.metadata.IDPSSODescriptor)
CriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet)
EntityIdCriterion(org.opensaml.core.criterion.EntityIdCriterion)
SingleSignOnService(org.opensaml.saml.saml2.metadata.SingleSignOnService)
Example 20 with IDPSSODescriptor
use of org.opensaml.saml2.metadata.IDPSSODescriptor in project verify-hub by alphagov.
the class IdpMetadataPublicKeyStoreTest method idpEntityDescriptor.
private static EntityDescriptor idpEntityDescriptor(String idpEntityId, String public_signing_certificate) {
KeyDescriptor keyDescriptor = buildKeyDescriptor(public_signing_certificate);
IDPSSODescriptor idpssoDescriptor = IdpSsoDescriptorBuilder.anIdpSsoDescriptor().addKeyDescriptor(keyDescriptor).withoutDefaultSigningKey().build();
try {
return EntityDescriptorBuilder.anEntityDescriptor().withEntityId(idpEntityId).withIdpSsoDescriptor(idpssoDescriptor).withValidUntil(DateTime.now().plusWeeks(2)).withSignature(null).withoutSigning().setAddDefaultSpServiceDescriptor(false).build();
} catch (MarshallingException | SignatureException e) {
throw new RuntimeException(e);
}
}
Also used :
IDPSSODescriptor(org.opensaml.saml.saml2.metadata.IDPSSODescriptor)
MarshallingException(org.opensaml.core.xml.io.MarshallingException)
KeyDescriptor(org.opensaml.saml.saml2.metadata.KeyDescriptor)
SignatureException(org.opensaml.xmlsec.signature.support.SignatureException)
Aggregations
IDPSSODescriptor (org.opensaml.saml.saml2.metadata.IDPSSODescriptor)21
KeyDescriptor (org.opensaml.saml.saml2.metadata.KeyDescriptor)8
EntityDescriptor (org.opensaml.saml.saml2.metadata.EntityDescriptor)7
SingleSignOnService (org.opensaml.saml.saml2.metadata.SingleSignOnService)7
IOException (java.io.IOException)3
CriteriaSet (net.shibboleth.utilities.java.support.resolver.CriteriaSet)3
AuthenticationFailureException (org.codice.ddf.platform.filter.AuthenticationFailureException)3
EntityIdCriterion (org.opensaml.core.criterion.EntityIdCriterion)3
MarshallingException (org.opensaml.core.xml.io.MarshallingException)3
SingleLogoutService (org.opensaml.saml.saml2.metadata.SingleLogoutService)3
SignatureException (org.opensaml.xmlsec.signature.support.SignatureException)3
URI (java.net.URI)2
CertificateException (java.security.cert.CertificateException)2
X509Certificate (java.security.cert.X509Certificate)2
ComponentInitializationException (net.shibboleth.utilities.java.support.component.ComponentInitializationException)2
ResolverException (net.shibboleth.utilities.java.support.resolver.ResolverException)2
Test (org.junit.Test)2
MessageEncoder (org.opensaml.messaging.encoder.MessageEncoder)2
MessageEncodingException (org.opensaml.messaging.encoder.MessageEncodingException)2
AssertionConsumerService (org.opensaml.saml.saml2.metadata.AssertionConsumerService)2
