Examples with SPSSODescriptor org.opensaml.saml2.metadata.SPSSODescriptor used on opensource projects

Example 6 with SPSSODescriptor

use of org.opensaml.saml2.metadata.SPSSODescriptor in project pac4j by pac4j.

the class SAML2MessageContext method getSPAssertionConsumerService.

public final AssertionConsumerService getSPAssertionConsumerService(final String acsIndex) {
    final SPSSODescriptor spssoDescriptor = getSPSSODescriptor();
    final List<AssertionConsumerService> services = spssoDescriptor.getAssertionConsumerServices();
    // Get by index
    if (acsIndex != null) {
        for (final AssertionConsumerService service : services) {
            if (Integer.valueOf(acsIndex).equals(service.getIndex())) {
                return service;
            }
        }
        throw new SAMLException("Assertion consumer service with index " + acsIndex + " could not be found for spDescriptor " + spssoDescriptor);
    }
    // Get default
    if (spssoDescriptor.getDefaultAssertionConsumerService() != null) {
        return spssoDescriptor.getDefaultAssertionConsumerService();
    }
    // Get first
    if (!services.isEmpty()) {
        return services.iterator().next();
    }
    throw new SAMLException("No assertion consumer services could be found for " + spssoDescriptor);
}

Example 7 with SPSSODescriptor

use of org.opensaml.saml2.metadata.SPSSODescriptor in project pac4j by pac4j.

the class SAML2MetadataGenerator method buildSPSSODescriptor.

protected final SPSSODescriptor buildSPSSODescriptor() {
    final SAMLObjectBuilder<SPSSODescriptor> builder = (SAMLObjectBuilder<SPSSODescriptor>) this.builderFactory.getBuilder(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    final SPSSODescriptor spDescriptor = builder.buildObject();
    spDescriptor.setAuthnRequestsSigned(this.authnRequestSigned);
    spDescriptor.setWantAssertionsSigned(this.wantAssertionSigned);
    spDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
    spDescriptor.addSupportedProtocol(SAMLConstants.SAML10P_NS);
    spDescriptor.addSupportedProtocol(SAMLConstants.SAML11P_NS);
    final SAMLObjectBuilder<Extensions> builderExt = (SAMLObjectBuilder<Extensions>) this.builderFactory.getBuilder(Extensions.DEFAULT_ELEMENT_NAME);
    final Extensions extensions = builderExt.buildObject();
    extensions.getNamespaceManager().registerAttributeName(RequestInitiator.DEFAULT_ELEMENT_NAME);
    final SAMLObjectBuilder<RequestInitiator> builderReq = (SAMLObjectBuilder<RequestInitiator>) this.builderFactory.getBuilder(RequestInitiator.DEFAULT_ELEMENT_NAME);
    final RequestInitiator requestInitiator = builderReq.buildObject();
    requestInitiator.setLocation(this.requestInitiatorLocation);
    requestInitiator.setBinding(RequestInitiator.DEFAULT_ELEMENT_NAME.getNamespaceURI());
    extensions.getUnknownXMLObjects().add(requestInitiator);
    spDescriptor.setExtensions(extensions);
    spDescriptor.getNameIDFormats().addAll(buildNameIDFormat());
    int index = 0;
    // Fix the POST binding for the response instead of using the binding of the request
    spDescriptor.getAssertionConsumerServices().add(getAssertionConsumerService(SAMLConstants.SAML2_POST_BINDING_URI, index++, this.defaultACSIndex == index));
    if (credentialProvider != null) {
        spDescriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.SIGNING, this.credentialProvider.getKeyInfo()));
        spDescriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.ENCRYPTION, this.credentialProvider.getKeyInfo()));
    }
    return spDescriptor;
}

Example 8 with SPSSODescriptor

use of org.opensaml.saml2.metadata.SPSSODescriptor in project pentaho-engineering-samples by pentaho.

the class PentahoSamlLogoutFilter method idpContainsGlobalLogoutEndpoint.

private boolean idpContainsGlobalLogoutEndpoint(HttpServletRequest request, HttpServletResponse response) {
    try {
        SAMLMessageContext ctx = contextProvider.getLocalAndPeerEntity(request, response);
        String binding = SAMLUtil.getLogoutBinding((IDPSSODescriptor) ctx.getPeerEntityRoleMetadata(), (SPSSODescriptor) ctx.getLocalEntityRoleMetadata());
        return (binding != null && !binding.isEmpty());
    } catch (MetadataProviderException e) {
        logger.error(e.getMessage(), e);
    }
    return false;
}

Example 9 with SPSSODescriptor

use of org.opensaml.saml2.metadata.SPSSODescriptor in project spring-security by spring-projects.

the class OpenSamlMetadataResolver method resolve.

@Override
public String resolve(RelyingPartyRegistration relyingPartyRegistration) {
    EntityDescriptor entityDescriptor = build(EntityDescriptor.ELEMENT_QNAME);
    entityDescriptor.setEntityID(relyingPartyRegistration.getEntityId());
    SPSSODescriptor spSsoDescriptor = buildSpSsoDescriptor(relyingPartyRegistration);
    entityDescriptor.getRoleDescriptors(SPSSODescriptor.DEFAULT_ELEMENT_NAME).add(spSsoDescriptor);
    return serialize(entityDescriptor);
}

Example 10 with SPSSODescriptor

use of org.opensaml.saml2.metadata.SPSSODescriptor in project spring-security by spring-projects.

the class OpenSamlMetadataResolver method buildSpSsoDescriptor.

private SPSSODescriptor buildSpSsoDescriptor(RelyingPartyRegistration registration) {
    SPSSODescriptor spSsoDescriptor = build(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    spSsoDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
    spSsoDescriptor.getKeyDescriptors().addAll(buildKeys(registration.getSigningX509Credentials(), UsageType.SIGNING));
    spSsoDescriptor.getKeyDescriptors().addAll(buildKeys(registration.getDecryptionX509Credentials(), UsageType.ENCRYPTION));
    spSsoDescriptor.getAssertionConsumerServices().add(buildAssertionConsumerService(registration));
    if (registration.getSingleLogoutServiceLocation() != null) {
        spSsoDescriptor.getSingleLogoutServices().add(buildSingleLogoutService(registration));
    }
    if (registration.getNameIdFormat() != null) {
        spSsoDescriptor.getNameIDFormats().add(buildNameIDFormat(registration));
    }
    return spSsoDescriptor;
}