use of org.opensaml.saml2.metadata.SPSSODescriptor in project pac4j by pac4j.
the class SAML2MessageContext method getSPAssertionConsumerService.
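/**
 * Selects the assertion consumer service (ACS) endpoint of the local service provider.
 *
 * <p>Resolution order: the service whose index equals {@code acsIndex} when an index is given;
 * otherwise the descriptor's default service; otherwise the first declared service. Every
 * candidate comes from the SP's own SSO descriptor, so the index can only pick among the
 * endpoints that descriptor declares.
 *
 * @param acsIndex decimal index of the wanted service, or {@code null} to fall back to the
 *                 default / first service
 * @return the selected assertion consumer service
 * @throws SAMLException if {@code acsIndex} is not a valid integer, if no declared service
 *                       carries that index, or if the descriptor declares no service at all
 */
public final AssertionConsumerService getSPAssertionConsumerService(final String acsIndex) {
    final SPSSODescriptor spssoDescriptor = getSPSSODescriptor();
    final List<AssertionConsumerService> services = spssoDescriptor.getAssertionConsumerServices();

    // Get by index
    if (acsIndex != null) {
        // Parse once, up front: a malformed index is reported as a SAML error instead of
        // escaping as a NumberFormatException from inside the loop. Only the single-String
        // SAMLException constructor is visible here, so the cause is summarised in the message.
        final Integer wantedIndex;
        try {
            wantedIndex = Integer.valueOf(acsIndex);
        } catch (final NumberFormatException e) {
            throw new SAMLException("Assertion consumer service index " + acsIndex + " is not a valid integer");
        }
        for (final AssertionConsumerService service : services) {
            if (wantedIndex.equals(service.getIndex())) {
                return service;
            }
        }
        // An explicit index never falls back to the default: an unknown index is an error.
        throw new SAMLException("Assertion consumer service with index " + acsIndex + " could not be found for spDescriptor " + spssoDescriptor);
    }

    // Get default
    final AssertionConsumerService defaultService = spssoDescriptor.getDefaultAssertionConsumerService();
    if (defaultService != null) {
        return defaultService;
    }

    // Get first
    if (!services.isEmpty()) {
        return services.iterator().next();
    }
    throw new SAMLException("No assertion consumer services could be found for " + spssoDescriptor);
}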
use of org.opensaml.saml2.metadata.SPSSODescriptor in project pac4j by pac4j.
the class SAML2MetadataGenerator method buildSPSSODescriptor.
/**
 * Assembles the SPSSODescriptor published in this service provider's metadata.
 *
 * <p>The descriptor carries the signing flags, the supported protocol namespaces, a
 * RequestInitiator extension, the NameID formats, one POST-binding assertion consumer
 * service and, when a credential provider is configured, signing and encryption key
 * descriptors.
 *
 * @return the populated descriptor
 */
protected final SPSSODescriptor buildSPSSODescriptor() {
    final SAMLObjectBuilder<SPSSODescriptor> descriptorBuilder =
            (SAMLObjectBuilder<SPSSODescriptor>) this.builderFactory.getBuilder(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    final SPSSODescriptor descriptor = descriptorBuilder.buildObject();

    // Signing expectations advertised to the IdP come straight from configuration.
    descriptor.setAuthnRequestsSigned(this.authnRequestSigned);
    descriptor.setWantAssertionsSigned(this.wantAssertionSigned);

    // NOTE(review): SAML 1.0 and 1.1 are advertised next to SAML 2.0. Confirm the SP really
    // handles those protocols; metadata should not claim more than the SP accepts.
    descriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
    descriptor.addSupportedProtocol(SAMLConstants.SAML10P_NS);
    descriptor.addSupportedProtocol(SAMLConstants.SAML11P_NS);

    // Extensions element holding the RequestInitiator endpoint.
    final SAMLObjectBuilder<Extensions> extensionsBuilder =
            (SAMLObjectBuilder<Extensions>) this.builderFactory.getBuilder(Extensions.DEFAULT_ELEMENT_NAME);
    final Extensions ext = extensionsBuilder.buildObject();
    ext.getNamespaceManager().registerAttributeName(RequestInitiator.DEFAULT_ELEMENT_NAME);

    final SAMLObjectBuilder<RequestInitiator> initiatorBuilder =
            (SAMLObjectBuilder<RequestInitiator>) this.builderFactory.getBuilder(RequestInitiator.DEFAULT_ELEMENT_NAME);
    final RequestInitiator initiator = initiatorBuilder.buildObject();
    initiator.setLocation(this.requestInitiatorLocation);
    initiator.setBinding(RequestInitiator.DEFAULT_ELEMENT_NAME.getNamespaceURI());
    ext.getUnknownXMLObjects().add(initiator);
    descriptor.setExtensions(ext);

    descriptor.getNameIDFormats().addAll(buildNameIDFormat());

    // Fix the POST binding for the response instead of using the binding of the request.
    // The endpoint is created with index 0, while its "default" flag is true only when
    // defaultACSIndex equals 1 (the counter value after the post-increment).
    // NOTE(review): this looks like an off-by-one on the default flag; confirm the intended
    // value of defaultACSIndex before changing it.
    final int acsIndex = 0;
    final boolean flaggedAsDefault = this.defaultACSIndex == acsIndex + 1;
    descriptor.getAssertionConsumerServices()
            .add(getAssertionConsumerService(SAMLConstants.SAML2_POST_BINDING_URI, acsIndex, flaggedAsDefault));

    if (credentialProvider != null) {
        // The same credential provider supplies the key info for both usages; getKeyInfo()
        // is called once per descriptor, as each descriptor receives its own key info object.
        descriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.SIGNING, this.credentialProvider.getKeyInfo()));
        descriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.ENCRYPTION, this.credentialProvider.getKeyInfo()));
    }
    return descriptor;
}
use of org.opensaml.saml2.metadata.SPSSODescriptor in project pentaho-engineering-samples by pentaho.
the class PentahoSamlLogoutFilter method idpContainsGlobalLogoutEndpoint.
/**
 * Tells whether a logout binding can be resolved between the peer IdP and the local SP.
 *
 * @param request  the current HTTP request, used to build the SAML message context
 * @param response the current HTTP response, used to build the SAML message context
 * @return {@code true} when {@code SAMLUtil.getLogoutBinding} yields a non-empty binding;
 *         {@code false} when it yields none or when the metadata lookup fails
 */
private boolean idpContainsGlobalLogoutEndpoint(HttpServletRequest request, HttpServletResponse response) {
    final String logoutBinding;
    try {
        final SAMLMessageContext messageContext = contextProvider.getLocalAndPeerEntity(request, response);
        // The role metadata is cast without a type check; a descriptor of another role
        // type would surface as a ClassCastException, which is not caught here.
        final IDPSSODescriptor idpRole = (IDPSSODescriptor) messageContext.getPeerEntityRoleMetadata();
        final SPSSODescriptor spRole = (SPSSODescriptor) messageContext.getLocalEntityRoleMetadata();
        logoutBinding = SAMLUtil.getLogoutBinding(idpRole, spRole);
    } catch (MetadataProviderException e) {
        // A metadata failure is logged and treated as "no global logout endpoint".
        logger.error(e.getMessage(), e);
        return false;
    }
    return logoutBinding != null && !logoutBinding.isEmpty();
}
use of org.opensaml.saml2.metadata.SPSSODescriptor in project spring-security by spring-projects.
the class OpenSamlMetadataResolver method resolve.
/**
 * Produces the serialized metadata for a relying party registration: an EntityDescriptor
 * carrying the registration's entity ID and a single SPSSODescriptor role.
 *
 * @param relyingPartyRegistration the registration to describe
 * @return the result of serializing the assembled entity descriptor
 */
@Override
public String resolve(RelyingPartyRegistration relyingPartyRegistration) {
    final EntityDescriptor metadataRoot = build(EntityDescriptor.ELEMENT_QNAME);
    metadataRoot.setEntityID(relyingPartyRegistration.getEntityId());

    // The SP role is the only role descriptor attached to the entity.
    final SPSSODescriptor spRole = buildSpSsoDescriptor(relyingPartyRegistration);
    metadataRoot.getRoleDescriptors(SPSSODescriptor.DEFAULT_ELEMENT_NAME).add(spRole);

    return serialize(metadataRoot);
}
use of org.opensaml.saml2.metadata.SPSSODescriptor in project spring-security by spring-projects.
the class OpenSamlMetadataResolver method buildSpSsoDescriptor.
/**
 * Builds the SPSSODescriptor for a relying party registration.
 *
 * <p>Only SAML 2.0 is advertised. Signing and decryption credentials are published as
 * separate key descriptors, the assertion consumer service is always added, and the
 * single logout service and NameID format are added only when the registration defines them.
 *
 * <p>NOTE(review): this method does not set AuthnRequestsSigned or WantAssertionsSigned on
 * the descriptor; confirm that leaving them unset matches what the IdP is expected to do.
 *
 * @param registration the relying party registration to describe
 * @return the populated descriptor
 */
private SPSSODescriptor buildSpSsoDescriptor(RelyingPartyRegistration registration) {
    final SPSSODescriptor descriptor = build(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    descriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);

    // Keys: signing credentials first, then the credentials used to decrypt, published
    // with ENCRYPTION usage so the peer knows which key to encrypt to.
    descriptor.getKeyDescriptors()
            .addAll(buildKeys(registration.getSigningX509Credentials(), UsageType.SIGNING));
    descriptor.getKeyDescriptors()
            .addAll(buildKeys(registration.getDecryptionX509Credentials(), UsageType.ENCRYPTION));

    descriptor.getAssertionConsumerServices().add(buildAssertionConsumerService(registration));

    // Optional parts are emitted only when configured.
    final boolean hasLogoutLocation = registration.getSingleLogoutServiceLocation() != null;
    if (hasLogoutLocation) {
        descriptor.getSingleLogoutServices().add(buildSingleLogoutService(registration));
    }
    final boolean hasNameIdFormat = registration.getNameIdFormat() != null;
    if (hasNameIdFormat) {
        descriptor.getNameIDFormats().add(buildNameIDFormat(registration));
    }
    return descriptor;
}