
Example 1 with HTTPInTransport

use of org.opensaml.ws.transport.http.HTTPInTransport in project uaa by cloudfoundry.

Class SamlAssertionDecoder, method doDecode.

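/**
 * {@inheritDoc}
 * <p>
 * Decodes a bare SAML {@code Assertion} posted over HTTP and wraps it into a {@code Response} so that the
 * rest of the SAML processing chain sees an ordinary response. Only a {@link SAMLMessageContext} with an
 * {@link HTTPInTransport} inbound transport using HTTP POST is accepted; anything else is rejected with a
 * {@link MessageDecodingException}. The decoded assertion's issuer becomes the issuer of the wrapping response.
 *
 * @param messageContext context whose inbound transport carries the Base64-encoded assertion
 * @throws MessageDecodingException if the context or transport type is wrong, the HTTP method is not POST,
 *         the payload does not unmarshall to an {@code Assertion}, or the assertion has no {@code Issuer}
 */
protected void doDecode(MessageContext messageContext) throws MessageDecodingException {
    if (!(messageContext instanceof SAMLMessageContext)) {
        log.error("Invalid message context type, this decoder only support SAMLMessageContext");
        throw new MessageDecodingException("Invalid message context type, this decoder only support SAMLMessageContext");
    }
    if (!(messageContext.getInboundMessageTransport() instanceof HTTPInTransport)) {
        log.error("Invalid inbound message transport type, this decoder only support HTTPInTransport");
        throw new MessageDecodingException("Invalid inbound message transport type, this decoder only support HTTPInTransport");
    }
    SAMLMessageContext samlMsgCtx = (SAMLMessageContext) messageContext;
    HTTPInTransport inTransport = (HTTPInTransport) samlMsgCtx.getInboundMessageTransport();
    // Constant-first comparison so a transport that reports no HTTP method is rejected instead of throwing NPE
    if (!"POST".equalsIgnoreCase(inTransport.getHTTPMethod())) {
        throw new MessageDecodingException("This message decoder only supports the HTTP POST method");
    }
    String relayState = inTransport.getParameterValue("RelayState");
    samlMsgCtx.setRelayState(relayState);
    log.debug("Decoded SAML relay state of: {}", relayState);
    InputStream base64DecodedMessage = getBase64DecodedMessage(inTransport);
    // The payload is untrusted client input: verify it really is an Assertion rather than letting the
    // cast fail with a ClassCastException that bypasses the decoder's declared error contract.
    Object unmarshalled = unmarshallMessage(base64DecodedMessage);
    if (!(unmarshalled instanceof Assertion)) {
        log.error("Decoded message is not a SAML Assertion, this decoder only supports bare assertions");
        throw new MessageDecodingException("Decoded message is not a SAML Assertion, this decoder only supports bare assertions");
    }
    Assertion inboundMessage = (Assertion) unmarshalled;
    // The issuer is required to build the wrapping response; an assertion without one is malformed.
    if (inboundMessage.getIssuer() == null) {
        log.error("Decoded SAML Assertion has no Issuer");
        throw new MessageDecodingException("Decoded SAML Assertion has no Issuer");
    }
    Response response = SamlRedirectUtils.wrapAssertionIntoResponse(inboundMessage, inboundMessage.getIssuer().getValue());
    samlMsgCtx.setInboundMessage(response);
    samlMsgCtx.setInboundSAMLMessage(response);
    log.debug("Decoded SAML message");
    populateMessageContext(samlMsgCtx);
}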

Example 2 with HTTPInTransport

use of org.opensaml.ws.transport.http.HTTPInTransport in project uaa by cloudfoundry.

Class SamlAssertionBindingTests, method supports.

@Test
public void supports() {
    HTTPInTransport inTransport = mock(HTTPInTransport.class);
    // An unstubbed transport (no POST method, no "assertion" parameter) must not be claimed by the binding.
    assertFalse(binding.supports(inTransport));
    // POST on its own is still not enough.
    when(inTransport.getHTTPMethod()).thenReturn("POST");
    assertFalse(binding.supports(inTransport));
    // POST together with an "assertion" parameter is the shape this binding accepts.
    when(inTransport.getParameterValue("assertion")).thenReturn("some assertion");
    assertTrue(binding.supports(inTransport));
}

Example 3 with HTTPInTransport

use of org.opensaml.ws.transport.http.HTTPInTransport in project uaa by cloudfoundry.

Class IdpSamlContextProviderImpl, method populateLocalEntityId.

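/**
 * Method tries to load localEntityAlias and localEntityRole from the request path. Path is supposed to be in format:
 * http(s)://server:port/application/saml/filterName/alias/aliasName/idp|sp. In case alias is missing from
 * the path defaults are used. Otherwise localEntityId and sp or idp localEntityRole is entered into the context.
 * <p>
 * A {@code LOCAL_ENTITY_ID} attribute already set on the inbound transport takes precedence over the path and
 * always selects the IdP role. In case alias entity id isn't found an exception is raised.
 *
 * @param context    context to populate fields localEntityId and localEntityRole for
 * @param requestURI context path to parse entityId and entityRole from; {@code null} is treated as empty
 * @throws MetadataProviderException in case entityId can't be populated
 */
@Override
protected void populateLocalEntityId(SAMLMessageContext context, String requestURI) throws MetadataProviderException {
    final String aliasMarker = "/alias/";
    HTTPInTransport inTransport = (HTTPInTransport) context.getInboundMessageTransport();
    // Pre-configured entity Id wins over anything derived from the URL
    String entityId = (String) inTransport.getAttribute(org.springframework.security.saml.SAMLConstants.LOCAL_ENTITY_ID);
    if (entityId != null) {
        log.debug("Using protocol specified IdP {}", entityId);
        context.setLocalEntityId(entityId);
        context.setLocalEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
        return;
    }
    if (requestURI == null) {
        requestURI = "";
    }
    int filterIndex = requestURI.indexOf(aliasMarker);
    if (filterIndex == -1) {
        // Defaults: no alias segment in the path
        context.setLocalEntityId(metadata.getDefaultIDP());
        context.setLocalEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
        return;
    }
    // EntityId from URL alias: everything after "/alias/", optionally followed by "/sp" or "/idp"
    String localAlias = requestURI.substring(filterIndex + aliasMarker.length());
    QName localEntityRole = IDPSSODescriptor.DEFAULT_ELEMENT_NAME;
    int entityTypePosition = localAlias.lastIndexOf('/');
    if (entityTypePosition != -1) {
        String entityRole = localAlias.substring(entityTypePosition + 1);
        // Only an explicit "sp" (case-insensitive) selects the SP role; anything else stays IdP
        if ("sp".equalsIgnoreCase(entityRole)) {
            localEntityRole = SPSSODescriptor.DEFAULT_ELEMENT_NAME;
        }
        localAlias = localAlias.substring(0, entityTypePosition);
    }
    // The alias is request-controlled and is only ever used as a lookup key into configured metadata.
    // NOTE(review): it is also echoed into the exception message below — confirm how callers render it.
    entityId = metadata.getEntityIdForAlias(localAlias);
    if (entityId == null) {
        throw new MetadataProviderException("No local entity found for alias " + localAlias + ", verify your configuration.");
    }
    log.debug("Using IdP {} specified in request with alias {}", entityId, localAlias);
    context.setLocalEntityId(entityId);
    context.setLocalEntityRole(localEntityRole);
}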
