Use of org.opensaml.saml2.metadata.IDPSSODescriptor in project verify-hub by alphagov:
from class NodeMetadataFactory, method createCountryEntityDescriptor.
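/**
 * Builds an IdP-style {@link EntityDescriptor} for the given entity ID, attaching the
 * {@link Signature} produced by {@code createSignature()} and a signing KeyDescriptor built
 * from {@code TEST_PUBLIC_CERT} (a test certificate: this factory produces fixture metadata,
 * not metadata to be trusted at runtime).
 *
 * @param entityID the SAML entityID to place in the descriptor
 * @return the assembled entity descriptor returned by {@code getEntityDescriptor}
 * @throws RuntimeException wrapping any {@link MarshallingException} or
 *     {@link SignatureException} raised while building the descriptor
 */
public static EntityDescriptor createCountryEntityDescriptor(String entityID) {
    Signature entityDescriptorSignature = createSignature();
    KeyDescriptor keyDescriptor = KeyDescriptorBuilder.aKeyDescriptor()
            .withX509ForSigning(TEST_PUBLIC_CERT)
            .build();
    IDPSSODescriptor idpssoDescriptor = IdpSsoDescriptorBuilder.anIdpSsoDescriptor()
            .addKeyDescriptor(keyDescriptor)
            .build();
    try {
        return getEntityDescriptor(entityID, idpssoDescriptor, entityDescriptorSignature);
    } catch (MarshallingException | SignatureException e) {
        // Both caught types are checked exceptions, so wrapping in RuntimeException is exactly
        // what the (now deprecated) Guava Throwables.propagate did for them; this also matches
        // the error-handling style used by the other descriptor factories in this project.
        throw new RuntimeException(e);
    }
}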
Use of org.opensaml.saml2.metadata.IDPSSODescriptor in project verify-hub by alphagov:
from class NodeMetadataFactory, method createCountryEntityDescriptor.
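/**
 * Builds an IdP-style {@link EntityDescriptor} for the given entity ID, attaching the
 * {@link Signature} produced by {@code createSignature()} and a signing KeyDescriptor built
 * from {@code TEST_PUBLIC_CERT} (a test certificate: this factory produces fixture metadata,
 * not metadata to be trusted at runtime).
 *
 * @param entityID the SAML entityID to place in the descriptor
 * @return the assembled entity descriptor returned by {@code getEntityDescriptor}
 * @throws RuntimeException wrapping any {@link MarshallingException} or
 *     {@link SignatureException} raised while building the descriptor
 */
public static EntityDescriptor createCountryEntityDescriptor(String entityID) {
    Signature entityDescriptorSignature = createSignature();
    KeyDescriptor keyDescriptor = KeyDescriptorBuilder.aKeyDescriptor()
            .withX509ForSigning(TEST_PUBLIC_CERT)
            .build();
    IDPSSODescriptor idpssoDescriptor = IdpSsoDescriptorBuilder.anIdpSsoDescriptor()
            .addKeyDescriptor(keyDescriptor)
            .build();
    try {
        return getEntityDescriptor(entityID, idpssoDescriptor, entityDescriptorSignature);
    } catch (MarshallingException | SignatureException e) {
        // Both caught types are checked exceptions, so wrapping in RuntimeException is exactly
        // what the (now deprecated) Guava Throwables.propagate did for them; this also matches
        // the error-handling style used by the other descriptor factories in this project.
        throw new RuntimeException(e);
    }
}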
Use of org.opensaml.saml2.metadata.IDPSSODescriptor in project pac4j by pac4j:
from class SAML2LogoutMessageSender, method sendMessage.
/**
 * Encodes and sends a SAML 2.0 LogoutRequest to the IdP's single-logout endpoint.
 *
 * A fresh outbound SAML2MessageContext is derived from {@code context}: the profile request
 * context fields, peer entity role/ID and protocol are copied across, the SP's assertion
 * consumer service is set as the local endpoint and the IdP's SingleLogoutService as the peer
 * endpoint, and signing parameters are derived from the SP descriptor. Outbound message
 * handlers are run before the encoder is initialised and invoked. If the context carries a
 * SAMLMessageStorage, the request is stored under its ID after a successful encode.
 *
 * @param context       the inbound SAML2 message context this logout is issued from
 * @param logoutRequest the LogoutRequest to send
 * @param relayState    optional RelayState; only set on the binding context when non-null
 * @throws SAMLException if the encoder cannot be initialised or the message cannot be encoded
 */
@Override
public void sendMessage(final SAML2MessageContext context, final LogoutRequest logoutRequest, final Object relayState) {
final SPSSODescriptor spDescriptor = context.getSPSSODescriptor();
final IDPSSODescriptor idpssoDescriptor = context.getIDPSSODescriptor();
// destinationBindingType is a field of the enclosing sender (not visible here); it selects
// which of the IdP's advertised SingleLogoutService endpoints is used as the peer endpoint.
final SingleLogoutService ssoLogoutService = context.getIDPSingleLogoutService(destinationBindingType);
final AssertionConsumerService acsService = context.getSPAssertionConsumerService();
final MessageEncoder encoder = getMessageEncoder(context);
// Build the outbound context on top of the inbound one, then copy over the pieces of state
// the encoder and handlers read (profile context, endpoints, peer entity, protocol).
final SAML2MessageContext outboundContext = new SAML2MessageContext(context);
outboundContext.getProfileRequestContext().setProfileId(context.getProfileRequestContext().getProfileId());
outboundContext.getProfileRequestContext().setInboundMessageContext(context.getProfileRequestContext().getInboundMessageContext());
outboundContext.getProfileRequestContext().setOutboundMessageContext(context.getProfileRequestContext().getOutboundMessageContext());
outboundContext.setMessage(logoutRequest);
// Local endpoint is the SP's ACS; the peer endpoint is the IdP's single-logout service,
// which is where the encoder will direct the request.
outboundContext.getSAMLEndpointContext().setEndpoint(acsService);
outboundContext.getSAMLPeerEndpointContext().setEndpoint(ssoLogoutService);
outboundContext.getSAMLPeerEntityContext().setRole(context.getSAMLPeerEntityContext().getRole());
outboundContext.getSAMLPeerEntityContext().setEntityId(context.getSAMLPeerEntityContext().getEntityId());
outboundContext.getSAMLProtocolContext().setProtocol(context.getSAMLProtocolContext().getProtocol());
// Signing parameters (key, algorithms) come from the SP's own descriptor, so the outbound
// LogoutRequest is signed with the SP's signing credential, not anything taken from the IdP.
outboundContext.getSecurityParametersContext().setSignatureSigningParameters(this.signatureSigningParametersProvider.build(spDescriptor));
if (relayState != null) {
// RelayState is passed through as its String form; callers supply it as an Object.
outboundContext.getSAMLBindingContext().setRelayState(relayState.toString());
}
// Handlers must run before the encoder is initialised: they operate on the outbound context
// that the encoder is about to consume.
invokeOutboundMessageHandlers(spDescriptor, idpssoDescriptor, outboundContext);
try {
// Encoder lifecycle order (set context -> initialize -> prepareContext -> encode) is
// required by the OpenSAML encoder API; do not reorder.
encoder.setMessageContext(outboundContext);
encoder.initialize();
encoder.prepareContext();
encoder.encode();
// Store the sent request (keyed by its ID) only after a successful encode, so a later
// LogoutResponse can be correlated with it; storage is optional on the context.
final SAMLMessageStorage messageStorage = context.getSAMLMessageStorage();
if (messageStorage != null) {
messageStorage.storeMessage(logoutRequest.getID(), logoutRequest);
}
} catch (final MessageEncodingException e) {
throw new SAMLException("Error encoding saml message", e);
} catch (final ComponentInitializationException e) {
throw new SAMLException("Error initializing saml encoder", e);
}
}
Use of org.opensaml.saml2.metadata.IDPSSODescriptor in project verify-hub by alphagov:
from class IdpSingleSignOnServiceHelper, method getSingleSignOn.
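/**
 * Looks up the single-sign-on endpoint of the IdP identified by {@code entityId} in the
 * metadata provider and returns its location as a URI.
 *
 * When the IdP advertises several SingleSignOnService endpoints, the first one listed is
 * returned (a warning is logged); the endpoint's Binding attribute is not consulted.
 *
 * @param entityId the SAML entityID of the IdP
 * @return the location of the IdP's first advertised SingleSignOnService
 * @throws RuntimeException wrapping a {@link ResolverException} if metadata resolution fails
 * @throws ApplicationException of type NOT_FOUND if the provider has no descriptor for the
 *     entityId, the descriptor carries no SAML 2.0 IDPSSODescriptor, or that descriptor lists
 *     no SingleSignOnService
 */
public URI getSingleSignOn(String entityId) {
    EntityDescriptor idpEntityDescriptor;
    try {
        CriteriaSet criteria = new CriteriaSet(new EntityIdCriterion(entityId));
        idpEntityDescriptor = metadataProvider.resolveSingle(criteria);
    } catch (ResolverException e) {
        // Pass the throwable to the logger as well, so the stack trace is recorded rather than
        // only the exception's toString() interpolated into the message.
        LOG.log(Level.SEVERE, format("Exception when accessing metadata: {0}", e), e);
        throw new RuntimeException(e);
    }
    if (idpEntityDescriptor != null) {
        // getIDPSSODescriptor yields null when the entity has no SAML 2.0 IdP role; previously
        // this was dereferenced unconditionally and such metadata caused a NullPointerException
        // instead of the NOT_FOUND below.
        final IDPSSODescriptor idpssoDescriptor = idpEntityDescriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
        if (idpssoDescriptor == null) {
            LOG.log(Level.SEVERE, format("No SAML 2.0 IDPSSODescriptor present for IDP entityId: {0}", entityId));
        } else {
            final List<SingleSignOnService> singleSignOnServices = idpssoDescriptor.getSingleSignOnServices();
            if (singleSignOnServices.isEmpty()) {
                LOG.log(Level.SEVERE, format("No singleSignOnServices present for IDP entityId: {0}", entityId));
            } else {
                if (singleSignOnServices.size() > 1) {
                    LOG.log(Level.WARNING, format("More than one singleSignOnService present: {0} for {1}", singleSignOnServices.size(), entityId));
                }
                // NOTE(review): the first endpoint is used regardless of its Binding; confirm the
                // caller's binding expectations match how the metadata is ordered.
                return URI.create(singleSignOnServices.get(0).getLocation());
            }
        }
    }
    throw ApplicationException.createUnauditedException(ExceptionType.NOT_FOUND, UUID.randomUUID(), new RuntimeException(format("no entity descriptor for IDP: {0}", entityId)));
}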
Use of org.opensaml.saml2.metadata.IDPSSODescriptor in project verify-hub by alphagov:
from class IdpMetadataPublicKeyStoreTest, method idpEntityDescriptor.
/**
 * Test fixture: builds an unsigned IdP EntityDescriptor whose IDPSSODescriptor carries a
 * single signing KeyDescriptor derived from the given PEM certificate. The descriptor is
 * valid for two weeks from now, has no Signature element, and no default SP role.
 *
 * @param idpEntityId                the entityID to assign to the descriptor
 * @param public_signing_certificate the public signing certificate placed in the KeyDescriptor
 * @return the built entity descriptor
 * @throws RuntimeException wrapping a {@link MarshallingException} or {@link SignatureException}
 *     thrown by the builder
 */
private static EntityDescriptor idpEntityDescriptor(String idpEntityId, String public_signing_certificate) {
    final KeyDescriptor signingKey = buildKeyDescriptor(public_signing_certificate);
    final IDPSSODescriptor idpRole = IdpSsoDescriptorBuilder.anIdpSsoDescriptor()
            .addKeyDescriptor(signingKey)
            .withoutDefaultSigningKey()
            .build();
    try {
        // Explicitly unsigned: withSignature(null) + withoutSigning(). This fixture exercises the
        // key-store lookup, not metadata signature validation.
        final DateTime validUntil = DateTime.now().plusWeeks(2);
        return EntityDescriptorBuilder.anEntityDescriptor()
                .withEntityId(idpEntityId)
                .withIdpSsoDescriptor(idpRole)
                .withValidUntil(validUntil)
                .withSignature(null)
                .withoutSigning()
                .setAddDefaultSpServiceDescriptor(false)
                .build();
    } catch (MarshallingException | SignatureException e) {
        throw new RuntimeException(e);
    }
}