Example 6 with SPSSODescriptor

Use of org.opensaml.saml2.metadata.SPSSODescriptor in project pac4j by pac4j.

In class SAML2MessageContext, method getSPAssertionConsumerService.

public final AssertionConsumerService getSPAssertionConsumerService(final String acsIndex) {
    final SPSSODescriptor spssoDescriptor = getSPSSODescriptor();
    final List<AssertionConsumerService> services = spssoDescriptor.getAssertionConsumerServices();
    // Get by index
    if (acsIndex != null) {
        for (final AssertionConsumerService service : services) {
            if (Integer.valueOf(acsIndex).equals(service.getIndex())) {
                return service;
            }
        }
        throw new SAMLException("Assertion consumer service with index " + acsIndex + " could not be found for spDescriptor " + spssoDescriptor);
    }
    // Get default
    if (spssoDescriptor.getDefaultAssertionConsumerService() != null) {
        return spssoDescriptor.getDefaultAssertionConsumerService();
    }
    // Get first
    if (!services.isEmpty()) {
        return services.iterator().next();
    }
    throw new SAMLException("No assertion consumer services could be found for " + spssoDescriptor);
}
Also used: SPSSODescriptor (org.opensaml.saml.saml2.metadata.SPSSODescriptor), AssertionConsumerService (org.opensaml.saml.saml2.metadata.AssertionConsumerService), SAMLException (org.pac4j.saml.exceptions.SAMLException)

Example 7 with SPSSODescriptor

Use of org.opensaml.saml2.metadata.SPSSODescriptor in project pac4j by pac4j.

In class SAML2MetadataGenerator, method buildSPSSODescriptor.

protected final SPSSODescriptor buildSPSSODescriptor() {
    final SAMLObjectBuilder<SPSSODescriptor> builder = (SAMLObjectBuilder<SPSSODescriptor>) this.builderFactory.getBuilder(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    final SPSSODescriptor spDescriptor = builder.buildObject();
    spDescriptor.setAuthnRequestsSigned(this.authnRequestSigned);
    spDescriptor.setWantAssertionsSigned(this.wantAssertionSigned);
    // Advertise SAML 2.0 as well as the legacy SAML 1.0 and 1.1 protocols in the metadata
    spDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
    spDescriptor.addSupportedProtocol(SAMLConstants.SAML10P_NS);
    spDescriptor.addSupportedProtocol(SAMLConstants.SAML11P_NS);
    final SAMLObjectBuilder<Extensions> builderExt = (SAMLObjectBuilder<Extensions>) this.builderFactory.getBuilder(Extensions.DEFAULT_ELEMENT_NAME);
    final Extensions extensions = builderExt.buildObject();
    extensions.getNamespaceManager().registerAttributeName(RequestInitiator.DEFAULT_ELEMENT_NAME);
    final SAMLObjectBuilder<RequestInitiator> builderReq = (SAMLObjectBuilder<RequestInitiator>) this.builderFactory.getBuilder(RequestInitiator.DEFAULT_ELEMENT_NAME);
    final RequestInitiator requestInitiator = builderReq.buildObject();
    requestInitiator.setLocation(this.requestInitiatorLocation);
    requestInitiator.setBinding(RequestInitiator.DEFAULT_ELEMENT_NAME.getNamespaceURI());
    extensions.getUnknownXMLObjects().add(requestInitiator);
    spDescriptor.setExtensions(extensions);
    spDescriptor.getNameIDFormats().addAll(buildNameIDFormat());
    int index = 0;
    // Fix the POST binding for the response instead of using the binding of the request
    // Java evaluates arguments left to right: the service is created with index 0, and index is
    // already 1 when it is compared with defaultACSIndex
    spDescriptor.getAssertionConsumerServices().add(getAssertionConsumerService(SAMLConstants.SAML2_POST_BINDING_URI, index++, this.defaultACSIndex == index));
    if (credentialProvider != null) {
        // The same KeyInfo is published for both signing and encryption use
        spDescriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.SIGNING, this.credentialProvider.getKeyInfo()));
        spDescriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.ENCRYPTION, this.credentialProvider.getKeyInfo()));
    }
    return spDescriptor;
}
Also used: SPSSODescriptor (org.opensaml.saml.saml2.metadata.SPSSODescriptor), SAMLObjectBuilder (org.opensaml.saml.common.SAMLObjectBuilder), RequestInitiator (org.opensaml.saml.ext.saml2mdreqinit.RequestInitiator), Extensions (org.opensaml.saml.saml2.metadata.Extensions)

Example 8 with SPSSODescriptor

Use of org.opensaml.saml2.metadata.SPSSODescriptor in project pentaho-engineering-samples by pentaho.

In class PentahoSamlLogoutFilter, method idpContainsGlobalLogoutEndpoint.

private boolean idpContainsGlobalLogoutEndpoint(HttpServletRequest request, HttpServletResponse response) {
    try {
        SAMLMessageContext ctx = contextProvider.getLocalAndPeerEntity(request, response);
        String binding = SAMLUtil.getLogoutBinding((IDPSSODescriptor) ctx.getPeerEntityRoleMetadata(), (SPSSODescriptor) ctx.getLocalEntityRoleMetadata());
        return (binding != null && !binding.isEmpty());
    } catch (MetadataProviderException e) {
        logger.error(e.getMessage(), e);
    }
    return false;
}
Also used: SAMLMessageContext (org.springframework.security.saml.context.SAMLMessageContext), MetadataProviderException (org.opensaml.saml2.metadata.provider.MetadataProviderException)

Example 9 with SPSSODescriptor

Use of org.opensaml.saml2.metadata.SPSSODescriptor in project spring-security by spring-projects.

In class OpenSamlMetadataResolver, method resolve.

@Override
public String resolve(RelyingPartyRegistration relyingPartyRegistration) {
    EntityDescriptor entityDescriptor = build(EntityDescriptor.ELEMENT_QNAME);
    entityDescriptor.setEntityID(relyingPartyRegistration.getEntityId());
    SPSSODescriptor spSsoDescriptor = buildSpSsoDescriptor(relyingPartyRegistration);
    entityDescriptor.getRoleDescriptors(SPSSODescriptor.DEFAULT_ELEMENT_NAME).add(spSsoDescriptor);
    return serialize(entityDescriptor);
}
Also used: EntityDescriptor (org.opensaml.saml.saml2.metadata.EntityDescriptor), SPSSODescriptor (org.opensaml.saml.saml2.metadata.SPSSODescriptor)

Example 10 with SPSSODescriptor

Use of org.opensaml.saml2.metadata.SPSSODescriptor in project spring-security by spring-projects.

In class OpenSamlMetadataResolver, method buildSpSsoDescriptor.

private SPSSODescriptor buildSpSsoDescriptor(RelyingPartyRegistration registration) {
    SPSSODescriptor spSsoDescriptor = build(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    spSsoDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
    spSsoDescriptor.getKeyDescriptors().addAll(buildKeys(registration.getSigningX509Credentials(), UsageType.SIGNING));
    spSsoDescriptor.getKeyDescriptors().addAll(buildKeys(registration.getDecryptionX509Credentials(), UsageType.ENCRYPTION));
    spSsoDescriptor.getAssertionConsumerServices().add(buildAssertionConsumerService(registration));
    if (registration.getSingleLogoutServiceLocation() != null) {
        spSsoDescriptor.getSingleLogoutServices().add(buildSingleLogoutService(registration));
    }
    if (registration.getNameIdFormat() != null) {
        spSsoDescriptor.getNameIDFormats().add(buildNameIDFormat(registration));
    }
    return spSsoDescriptor;
}
Also used: SPSSODescriptor (org.opensaml.saml.saml2.metadata.SPSSODescriptor)

Aggregations

SPSSODescriptor (org.opensaml.saml.saml2.metadata.SPSSODescriptor) 16
AssertionConsumerService (org.opensaml.saml.saml2.metadata.AssertionConsumerService) 7
EntityDescriptor (org.opensaml.saml.saml2.metadata.EntityDescriptor) 6
SAMLMetadataContext (org.opensaml.saml.common.messaging.context.SAMLMetadataContext) 3
KeyDescriptor (org.opensaml.saml.saml2.metadata.KeyDescriptor) 3
SingleLogoutService (org.opensaml.saml.saml2.metadata.SingleLogoutService) 3
SAML2MessageContext (org.pac4j.saml.context.SAML2MessageContext) 3
ComponentInitializationException (net.shibboleth.utilities.java.support.component.ComponentInitializationException) 2
SamlRegisteredServiceCachingMetadataResolver (org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver) 2
Test (org.junit.Test) 2
MessageEncoder (org.opensaml.messaging.encoder.MessageEncoder) 2
MessageEncodingException (org.opensaml.messaging.encoder.MessageEncodingException) 2
Extensions (org.opensaml.saml.saml2.metadata.Extensions) 2
IDPSSODescriptor (org.opensaml.saml.saml2.metadata.IDPSSODescriptor) 2
NameIDFormat (org.opensaml.saml.saml2.metadata.NameIDFormat) 2
AssertionConsumerServiceBuilder (org.opensaml.saml.saml2.metadata.impl.AssertionConsumerServiceBuilder) 2
SAMLException (org.pac4j.saml.exceptions.SAMLException) 2
IOException (java.io.IOException) 1
OutputStreamWriter (java.io.OutputStreamWriter) 1
StringWriter (java.io.StringWriter) 1