use of org.opensaml.soap.soap11.Envelope in project cas by apereo.
the class SamlResponseAuditResourceResolver method getPrincipalIdFromSamlEcpResponse.
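/**
 * Resolves the audit resource values from a SAML ECP SOAP envelope.
 *
 * <p>Only the first child of the SOAP body is inspected: a {@code Response} is handed to
 * {@code getPrincipalIdFromSamlResponse} and a {@code Fault} to
 * {@code getPrincipalIdFromSamlEcpFault}. Any other content, an empty body, or an envelope
 * without a body yields an empty array instead of a {@code NullPointerException}.
 *
 * @param envelope the SOAP 1.1 envelope to inspect; may be {@code null}
 * @return the values produced by the matching delegate, or an empty array when nothing matches
 */
private String[] getPrincipalIdFromSamlEcpResponse(final Envelope envelope) {
    // An envelope that carries no body has nothing to audit; do not dereference it.
    if (envelope == null || envelope.getBody() == null) {
        return new String[] {};
    }
    final List<XMLObject> objects = envelope.getBody().getUnknownXMLObjects();
    if (objects.isEmpty()) {
        return new String[] {};
    }
    // Only the first body element is considered; any further children are ignored.
    final XMLObject object = objects.get(0);
    if (object instanceof Response) {
        return getPrincipalIdFromSamlResponse((Response) object);
    }
    if (object instanceof Fault) {
        return getPrincipalIdFromSamlEcpFault((Fault) object);
    }
    return new String[] {};
}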
use of org.opensaml.soap.soap11.Envelope in project cas by apereo.
the class SamlProfileSamlSoap11FaultResponseBuilder method build.
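/**
 * Builds a SOAP 1.1 envelope whose body holds a single {@code Fault}, hands it to
 * {@code encodeFinalResponse}, and returns it.
 *
 * <p>The fault code is {@code FaultCode.SERVER}, the fault actor is the issuer read from the
 * SAML request, and the fault string is taken from the request attribute
 * {@code SamlIdPConstants.REQUEST_ATTRIBUTE_ERROR}. When that attribute is absent a generic
 * message is used instead of failing with a {@code NullPointerException}.
 *
 * @param authnRequest the SAML request being answered
 * @param request      the HTTP request; expected to carry the error attribute
 * @param response     the HTTP response the envelope is encoded to
 * @param casAssertion the CAS assertion, forwarded to {@code encodeFinalResponse}
 * @param service      the registered SAML service
 * @param adaptor      the service provider metadata facade
 * @param binding      the binding, forwarded to {@code encodeFinalResponse}
 * @return the fault envelope
 * @throws SamlException declared by the overridden method
 */
@Override
public Envelope build(final RequestAbstractType authnRequest, final HttpServletRequest request,
                      final HttpServletResponse response, final Object casAssertion,
                      final SamlRegisteredService service,
                      final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                      final String binding) throws SamlException {
    final Header header = newSoapObject(Header.class);
    final Body body = newSoapObject(Body.class);
    final Fault fault = newSoapObject(Fault.class);

    final FaultCode faultCode = newSoapObject(FaultCode.class);
    faultCode.setValue(FaultCode.SERVER);
    fault.setCode(faultCode);

    final FaultActor faultActor = newSoapObject(FaultActor.class);
    faultActor.setValue(SamlIdPUtils.getIssuerFromSamlRequest(authnRequest));
    fault.setActor(faultActor);

    // The attribute may be missing or null; calling toString() on it directly would abort
    // fault construction and leave the client without any SOAP fault at all.
    // NOTE(review): this text is placed in the fault body that is encoded to the response,
    // so whatever sets REQUEST_ATTRIBUTE_ERROR should store a message fit for disclosure
    // to the requester rather than raw internal exception text. Confirm at the call sites.
    final Object error = request.getAttribute(SamlIdPConstants.REQUEST_ATTRIBUTE_ERROR);
    final FaultString faultString = newSoapObject(FaultString.class);
    faultString.setValue(error != null ? error.toString() : "Unable to process the SAML request");
    fault.setMessage(faultString);
    body.getUnknownXMLObjects().add(fault);

    final Envelope envelope = newSoapObject(Envelope.class);
    envelope.setHeader(header);
    envelope.setBody(body);
    encodeFinalResponse(request, response, service, adaptor, envelope, binding, authnRequest, casAssertion);
    return envelope;
}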
use of org.opensaml.soap.soap11.Envelope in project cas by apereo.
the class ECPProfileHandlerController method handleEcpRequest.
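/**
 * Handles a SAML ECP request: verifies the authentication request, authenticates the supplied
 * credential, builds a CAS assertion for the request issuer and writes the SAML response.
 *
 * <p>Failures inside the verification/authentication/response steps are logged and answered
 * with an ECP fault via {@code buildEcpFaultResponse}. An {@code AuthenticationException}
 * reports the joined, non-null handler error messages; any other exception reports its own
 * message, or a generic text when it has none.
 *
 * @param response    the HTTP response to write to
 * @param request     the HTTP request
 * @param soapContext the decoded SOAP message context; its message is cast to {@code AuthnRequest}
 * @param credential  the credential to authenticate
 * @param binding     the binding passed on to {@code buildSamlResponse}
 */
protected void handleEcpRequest(final HttpServletResponse response, final HttpServletRequest request,
                                final MessageContext soapContext, final Credential credential,
                                final String binding) {
    LOGGER.debug("Handling ECP request for SOAP context [{}]", soapContext);
    // NOTE(review): the subcontext lookup and the cast below run before the try block, so a
    // context without a SOAP11Context or a message that is not an AuthnRequest would surface
    // as an unhandled runtime exception, not as a SOAP fault. Confirm callers guarantee both.
    final Envelope envelope = soapContext.getSubcontext(SOAP11Context.class).getEnvelope();
    SamlUtils.logSamlObject(configBean, envelope);
    final AuthnRequest authnRequest = (AuthnRequest) soapContext.getMessage();
    final Pair<AuthnRequest, MessageContext> authenticationContext = Pair.of(authnRequest, soapContext);
    try {
        LOGGER.debug("Verifying ECP authentication request [{}]", authnRequest);
        final Pair<SamlRegisteredService, SamlRegisteredServiceServiceProviderMetadataFacade> serviceRequest =
            verifySamlAuthenticationRequest(authenticationContext, request);

        // The debug statements below record the credential id, the principal and the CAS
        // assertion; treat debug-level logs of this handler as sensitive.
        LOGGER.debug("Attempting to authenticate ECP request for credential id [{}]", credential.getId());
        final Authentication authentication = authenticateEcpRequest(credential, authenticationContext);
        LOGGER.debug("Authenticated [{}] successfully with authenticated principal [{}]",
            credential.getId(), authentication.getPrincipal());

        LOGGER.debug("Building ECP SAML response for [{}]", credential.getId());
        final String issuer = SamlIdPUtils.getIssuerFromSamlRequest(authnRequest);
        final Service service = webApplicationServiceFactory.createService(issuer);
        final Assertion casAssertion =
            buildCasAssertion(authentication, service, serviceRequest.getKey(), new LinkedHashMap<>());
        LOGGER.debug("CAS assertion to use for building ECP SAML response is [{}]", casAssertion);
        buildSamlResponse(response, request, authenticationContext, casAssertion, binding);
    } catch (final AuthenticationException e) {
        LOGGER.error(e.getMessage(), e);
        final String error = e.getHandlerErrors().values().stream()
            .map(Throwable::getMessage)
            .filter(Objects::nonNull)
            .collect(Collectors.joining(","));
        buildEcpFaultResponse(response, request, Pair.of(authnRequest, error));
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        // Some exceptions carry no message; never hand a null error text to the fault builder.
        // NOTE(review): the message of an arbitrary exception is passed on for the fault sent
        // to the client. Full detail is already in the log above; consider always returning
        // the generic text here so internal details are not disclosed.
        final String error = e.getMessage() != null ? e.getMessage() : "Unable to process ECP request";
        buildEcpFaultResponse(response, request, Pair.of(authnRequest, error));
    }
}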
use of org.opensaml.soap.soap11.Envelope in project cas by apereo.
the class SamlProfileSamlSoap11ResponseBuilder method buildResponse.
/**
 * Wraps a SAML2 response in a SOAP 1.1 envelope.
 *
 * <p>The SOAP header receives the object returned by {@code newEcpResponse} for the service
 * provider's assertion consumer service location; the SOAP body receives the SAML2 response
 * produced by {@code saml2ResponseBuilder}. The {@code assertion} parameter is not used here.
 *
 * @param assertion    not used by this implementation
 * @param casAssertion the CAS assertion passed to the SAML2 response builder
 * @param authnRequest the authentication request being answered
 * @param service      the registered SAML service
 * @param adaptor      the service provider metadata facade; supplies the ACS location
 * @param request      the HTTP request
 * @param response     the HTTP response
 * @return the envelope holding the header block and the SAML2 response
 * @throws SamlException declared by the overridden method
 */
@Override
protected Envelope buildResponse(final Assertion assertion,
                                 final org.jasig.cas.client.validation.Assertion casAssertion,
                                 final AuthnRequest authnRequest,
                                 final SamlRegisteredService service,
                                 final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                                 final HttpServletRequest request,
                                 final HttpServletResponse response) throws SamlException {
    // Header: the ECP response block is built from the ACS location in the SP metadata.
    final String acsLocation = adaptor.getAssertionConsumerService().getLocation();
    final Response ecpHeaderBlock = newEcpResponse(acsLocation);
    final Header soapHeader = newSoapObject(Header.class);
    soapHeader.getUnknownXMLObjects().add(ecpHeaderBlock);

    // Body: the SAML2 response comes from the delegate builder; the cast assumes that
    // builder returns a SAML2 core Response.
    final Body soapBody = newSoapObject(Body.class);
    final Object built = saml2ResponseBuilder.build(authnRequest, request, response, casAssertion, service, adaptor);
    final org.opensaml.saml.saml2.core.Response samlPayload = (org.opensaml.saml.saml2.core.Response) built;
    soapBody.getUnknownXMLObjects().add(samlPayload);

    final Envelope soapEnvelope = newSoapObject(Envelope.class);
    soapEnvelope.setHeader(soapHeader);
    soapEnvelope.setBody(soapBody);
    return soapEnvelope;
}
use of org.opensaml.soap.soap11.Envelope in project cas by apereo.
the class SamlProfileArtifactResponseBuilder method buildResponse.
/**
 * Builds a SOAP 1.1 envelope whose body holds an {@code ArtifactResponse}.
 *
 * <p>The artifact ticket is read from the {@code "artifact"} attribute of the CAS assertion.
 * Its issuer, relying party id and id populate the response, and its stored object is
 * transformed into the SAML message carried by the response. The status is always
 * {@code StatusCode.SUCCESS}. Apart from {@code casAssertion}, the parameters are unused here.
 *
 * @param assertion    not used by this implementation
 * @param casAssertion the CAS assertion; cast to the CAS client {@code Assertion} type
 * @param authnRequest not used by this implementation
 * @param service      not used by this implementation
 * @param adaptor      not used by this implementation
 * @param request      not used by this implementation
 * @param response     not used by this implementation
 * @param binding      not used by this implementation
 * @return the envelope holding the artifact response
 * @throws SamlException declared by the overridden method
 */
@Override
protected Envelope buildResponse(final Assertion assertion,
                                 final Object casAssertion,
                                 final RequestAbstractType authnRequest,
                                 final SamlRegisteredService service,
                                 final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                                 final HttpServletRequest request,
                                 final HttpServletResponse response,
                                 final String binding) throws SamlException {
    final org.jasig.cas.client.validation.Assertion validatedAssertion =
        org.jasig.cas.client.validation.Assertion.class.cast(casAssertion);
    // NOTE(review): no null check on the "artifact" attribute; if it is missing, the first
    // access to the ticket below fails with a NullPointerException.
    final SamlArtifactTicket artifactTicket =
        (SamlArtifactTicket) validatedAssertion.getAttributes().get("artifact");

    final ArtifactResponse resolved = new ArtifactResponseBuilder().buildObject();
    resolved.setIssueInstant(DateTime.now());
    resolved.setIssuer(newIssuer(artifactTicket.getIssuer()));
    // NOTE(review): InResponseTo is filled from the ticket's relying party id and the
    // response ID from the ticket id; confirm these are the values the requester
    // correlates against when it validates the response.
    resolved.setInResponseTo(artifactTicket.getRelyingPartyId());
    resolved.setID(artifactTicket.getId());
    resolved.setStatus(newStatus(StatusCode.SUCCESS, "Success"));

    // The object stored with the ticket becomes the message inside the artifact response.
    final SAMLObject storedMessage =
        SamlUtils.transformSamlObject(configBean, artifactTicket.getObject(), SAMLObject.class);
    resolved.setMessage(storedMessage);

    final Header soapHeader = newSoapObject(Header.class);
    final Body soapBody = newSoapObject(Body.class);
    soapBody.getUnknownXMLObjects().add(resolved);

    final Envelope soapEnvelope = newSoapObject(Envelope.class);
    soapEnvelope.setHeader(soapHeader);
    soapEnvelope.setBody(soapBody);
    SamlUtils.logSamlObject(this.configBean, soapEnvelope);
    return soapEnvelope;
}