Examples with Envelope org.opensaml.soap.soap11.Envelope used on opensource projects

Example 6 with Envelope

use of org.opensaml.soap.soap11.Envelope in project cas by apereo.

the class SamlResponseAuditResourceResolver method getPrincipalIdFromSamlEcpResponse.

private String[] getPrincipalIdFromSamlEcpResponse(final Envelope envelope) {
    final List<XMLObject> objects = envelope.getBody().getUnknownXMLObjects();
    if (objects.isEmpty()) {
        return new String[] {};
    }
    final XMLObject object = objects.get(0);
    if (object instanceof Response) {
        return getPrincipalIdFromSamlResponse((Response) object);
    }
    if (object instanceof Fault) {
        return getPrincipalIdFromSamlEcpFault((Fault) object);
    }
    return new String[] {};
}

Example 7 with Envelope

use of org.opensaml.soap.soap11.Envelope in project cas by apereo.

the class SamlProfileSamlSoap11FaultResponseBuilder method build.

@Override
public Envelope build(final RequestAbstractType authnRequest, final HttpServletRequest request, final HttpServletResponse response, final Object casAssertion, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final String binding) throws SamlException {
    final Header header = newSoapObject(Header.class);
    final Body body = newSoapObject(Body.class);
    final Fault fault = newSoapObject(Fault.class);
    final FaultCode faultCode = newSoapObject(FaultCode.class);
    faultCode.setValue(FaultCode.SERVER);
    fault.setCode(faultCode);
    final FaultActor faultActor = newSoapObject(FaultActor.class);
    faultActor.setValue(SamlIdPUtils.getIssuerFromSamlRequest(authnRequest));
    fault.setActor(faultActor);
    final FaultString faultString = newSoapObject(FaultString.class);
    faultString.setValue(request.getAttribute(SamlIdPConstants.REQUEST_ATTRIBUTE_ERROR).toString());
    fault.setMessage(faultString);
    body.getUnknownXMLObjects().add(fault);
    final Envelope envelope = newSoapObject(Envelope.class);
    envelope.setHeader(header);
    envelope.setBody(body);
    encodeFinalResponse(request, response, service, adaptor, envelope, binding, authnRequest, casAssertion);
    return envelope;
}

Example 8 with Envelope

use of org.opensaml.soap.soap11.Envelope in project cas by apereo.

the class ECPProfileHandlerController method handleEcpRequest.

/**
 * Handle ecp request.
 *
 * @param response    the response
 * @param request     the request
 * @param soapContext the soap context
 * @param credential  the credential
 * @param binding     the binding
 */
protected void handleEcpRequest(final HttpServletResponse response, final HttpServletRequest request, final MessageContext soapContext, final Credential credential, final String binding) {
    LOGGER.debug("Handling ECP request for SOAP context [{}]", soapContext);
    final Envelope envelope = soapContext.getSubcontext(SOAP11Context.class).getEnvelope();
    SamlUtils.logSamlObject(configBean, envelope);
    final AuthnRequest authnRequest = (AuthnRequest) soapContext.getMessage();
    final Pair<AuthnRequest, MessageContext> authenticationContext = Pair.of(authnRequest, soapContext);
    try {
        LOGGER.debug("Verifying ECP authentication request [{}]", authnRequest);
        final Pair<SamlRegisteredService, SamlRegisteredServiceServiceProviderMetadataFacade> serviceRequest = verifySamlAuthenticationRequest(authenticationContext, request);
        LOGGER.debug("Attempting to authenticate ECP request for credential id [{}]", credential.getId());
        final Authentication authentication = authenticateEcpRequest(credential, authenticationContext);
        LOGGER.debug("Authenticated [{}] successfully with authenticated principal [{}]", credential.getId(), authentication.getPrincipal());
        LOGGER.debug("Building ECP SAML response for [{}]", credential.getId());
        final String issuer = SamlIdPUtils.getIssuerFromSamlRequest(authnRequest);
        final Service service = webApplicationServiceFactory.createService(issuer);
        final Assertion casAssertion = buildCasAssertion(authentication, service, serviceRequest.getKey(), new LinkedHashMap<>());
        LOGGER.debug("CAS assertion to use for building ECP SAML response is [{}]", casAssertion);
        buildSamlResponse(response, request, authenticationContext, casAssertion, binding);
    } catch (final AuthenticationException e) {
        LOGGER.error(e.getMessage(), e);
        final String error = e.getHandlerErrors().values().stream().map(Throwable::getMessage).filter(Objects::nonNull).collect(Collectors.joining(","));
        buildEcpFaultResponse(response, request, Pair.of(authnRequest, error));
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        buildEcpFaultResponse(response, request, Pair.of(authnRequest, e.getMessage()));
    }
}

Example 9 with Envelope

use of org.opensaml.soap.soap11.Envelope in project cas by apereo.

the class SamlProfileSamlSoap11ResponseBuilder method buildResponse.

@Override
protected Envelope buildResponse(final Assertion assertion, final org.jasig.cas.client.validation.Assertion casAssertion, final AuthnRequest authnRequest, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final HttpServletRequest request, final HttpServletResponse response) throws SamlException {
    final Response ecpResponse = newEcpResponse(adaptor.getAssertionConsumerService().getLocation());
    final Header header = newSoapObject(Header.class);
    header.getUnknownXMLObjects().add(ecpResponse);
    final Body body = newSoapObject(Body.class);
    final org.opensaml.saml.saml2.core.Response saml2Response = (org.opensaml.saml.saml2.core.Response) saml2ResponseBuilder.build(authnRequest, request, response, casAssertion, service, adaptor);
    body.getUnknownXMLObjects().add(saml2Response);
    final Envelope envelope = newSoapObject(Envelope.class);
    envelope.setHeader(header);
    envelope.setBody(body);
    return envelope;
}

Example 10 with Envelope

use of org.opensaml.soap.soap11.Envelope in project cas by apereo.

the class SamlProfileArtifactResponseBuilder method buildResponse.

@Override
protected Envelope buildResponse(final Assertion assertion, final Object casAssertion, final RequestAbstractType authnRequest, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final HttpServletRequest request, final HttpServletResponse response, final String binding) throws SamlException {
    final org.jasig.cas.client.validation.Assertion castedAssertion = org.jasig.cas.client.validation.Assertion.class.cast(casAssertion);
    final SamlArtifactTicket ticket = (SamlArtifactTicket) castedAssertion.getAttributes().get("artifact");
    final ArtifactResponse artifactResponse = new ArtifactResponseBuilder().buildObject();
    artifactResponse.setIssueInstant(DateTime.now());
    artifactResponse.setIssuer(newIssuer(ticket.getIssuer()));
    artifactResponse.setInResponseTo(ticket.getRelyingPartyId());
    artifactResponse.setID(ticket.getId());
    artifactResponse.setStatus(newStatus(StatusCode.SUCCESS, "Success"));
    final SAMLObject samlResponse = SamlUtils.transformSamlObject(configBean, ticket.getObject(), SAMLObject.class);
    artifactResponse.setMessage(samlResponse);
    final Header header = newSoapObject(Header.class);
    final Body body = newSoapObject(Body.class);
    body.getUnknownXMLObjects().add(artifactResponse);
    final Envelope envelope = newSoapObject(Envelope.class);
    envelope.setHeader(header);
    envelope.setBody(body);
    SamlUtils.logSamlObject(this.configBean, envelope);
    return envelope;
}