use of org.pac4j.saml.context.SAML2MessageContext in project pac4j by pac4j.
the class SAML2WebSSOMessageSender method sendMessage.
@Override
public void sendMessage(final SAML2MessageContext context, final AuthnRequest authnRequest, final Object relayState) {
final SPSSODescriptor spDescriptor = context.getSPSSODescriptor();
final IDPSSODescriptor idpssoDescriptor = context.getIDPSSODescriptor();
final SingleSignOnService ssoService = context.getIDPSingleSignOnService(destinationBindingType);
final AssertionConsumerService acsService = context.getSPAssertionConsumerService();
final MessageEncoder encoder = getMessageEncoder(context);
final SAML2MessageContext outboundContext = new SAML2MessageContext(context);
outboundContext.getProfileRequestContext().setProfileId(context.getProfileRequestContext().getProfileId());
outboundContext.getProfileRequestContext().setInboundMessageContext(context.getProfileRequestContext().getInboundMessageContext());
outboundContext.getProfileRequestContext().setOutboundMessageContext(context.getProfileRequestContext().getOutboundMessageContext());
outboundContext.setMessage(authnRequest);
outboundContext.getSAMLEndpointContext().setEndpoint(acsService);
outboundContext.getSAMLPeerEndpointContext().setEndpoint(ssoService);
outboundContext.getSAMLPeerEntityContext().setRole(context.getSAMLPeerEntityContext().getRole());
outboundContext.getSAMLPeerEntityContext().setEntityId(context.getSAMLPeerEntityContext().getEntityId());
outboundContext.getSAMLProtocolContext().setProtocol(context.getSAMLProtocolContext().getProtocol());
outboundContext.getSecurityParametersContext().setSignatureSigningParameters(this.signatureSigningParametersProvider.build(spDescriptor));
if (relayState != null) {
outboundContext.getSAMLBindingContext().setRelayState(relayState.toString());
}
try {
invokeOutboundMessageHandlers(spDescriptor, idpssoDescriptor, outboundContext);
encoder.setMessageContext(outboundContext);
encoder.initialize();
encoder.prepareContext();
encoder.encode();
final SAMLMessageStorage messageStorage = context.getSAMLMessageStorage();
if (messageStorage != null) {
messageStorage.storeMessage(authnRequest.getID(), authnRequest);
}
} catch (final MessageEncodingException e) {
throw new SAMLException("Error encoding saml message", e);
} catch (final ComponentInitializationException e) {
throw new SAMLException("Error initializing saml encoder", e);
}
}
use of org.pac4j.saml.context.SAML2MessageContext in project pac4j by pac4j.
the class SAML2DefaultResponseValidatorTests method testAssertionWithoutSignatureThrowsException.
@Test(expected = SAMLException.class)
public void testAssertionWithoutSignatureThrowsException() {
SAML2DefaultResponseValidator validator = createResponseValidatorWithSigningValidationOf(true);
SAML2MessageContext context = new SAML2MessageContext();
SAMLPeerEntityContext peerEntityContext = new SAMLPeerEntityContext();
peerEntityContext.setAuthenticated(false);
context.addSubcontext(peerEntityContext);
validator.validateAssertionSignature(null, context, null);
}
use of org.pac4j.saml.context.SAML2MessageContext in project pac4j by pac4j.
the class SAML2DefaultResponseValidatorTests method testAssertionWithoutSignatureDoesNotThrowException.
@Test
public void testAssertionWithoutSignatureDoesNotThrowException() {
SAML2DefaultResponseValidator validator = createResponseValidatorWithSigningValidationOf(false);
SAML2MessageContext context = new SAML2MessageContext();
SAMLPeerEntityContext peerEntityContext = new SAMLPeerEntityContext();
peerEntityContext.setAuthenticated(false);
context.addSubcontext(peerEntityContext);
validator.validateAssertionSignature(null, context, null);
// expected no exceptions
}
use of org.pac4j.saml.context.SAML2MessageContext in project pac4j by pac4j.
the class SAML2LogoutMessageSender method sendMessage.
@Override
public void sendMessage(final SAML2MessageContext context, final LogoutRequest logoutRequest, final Object relayState) {
final SPSSODescriptor spDescriptor = context.getSPSSODescriptor();
final IDPSSODescriptor idpssoDescriptor = context.getIDPSSODescriptor();
final SingleLogoutService ssoLogoutService = context.getIDPSingleLogoutService(destinationBindingType);
final AssertionConsumerService acsService = context.getSPAssertionConsumerService();
final MessageEncoder encoder = getMessageEncoder(context);
final SAML2MessageContext outboundContext = new SAML2MessageContext(context);
outboundContext.getProfileRequestContext().setProfileId(context.getProfileRequestContext().getProfileId());
outboundContext.getProfileRequestContext().setInboundMessageContext(context.getProfileRequestContext().getInboundMessageContext());
outboundContext.getProfileRequestContext().setOutboundMessageContext(context.getProfileRequestContext().getOutboundMessageContext());
outboundContext.setMessage(logoutRequest);
outboundContext.getSAMLEndpointContext().setEndpoint(acsService);
outboundContext.getSAMLPeerEndpointContext().setEndpoint(ssoLogoutService);
outboundContext.getSAMLPeerEntityContext().setRole(context.getSAMLPeerEntityContext().getRole());
outboundContext.getSAMLPeerEntityContext().setEntityId(context.getSAMLPeerEntityContext().getEntityId());
outboundContext.getSAMLProtocolContext().setProtocol(context.getSAMLProtocolContext().getProtocol());
outboundContext.getSecurityParametersContext().setSignatureSigningParameters(this.signatureSigningParametersProvider.build(spDescriptor));
if (relayState != null) {
outboundContext.getSAMLBindingContext().setRelayState(relayState.toString());
}
invokeOutboundMessageHandlers(spDescriptor, idpssoDescriptor, outboundContext);
try {
encoder.setMessageContext(outboundContext);
encoder.initialize();
encoder.prepareContext();
encoder.encode();
final SAMLMessageStorage messageStorage = context.getSAMLMessageStorage();
if (messageStorage != null) {
messageStorage.storeMessage(logoutRequest.getID(), logoutRequest);
}
} catch (final MessageEncodingException e) {
throw new SAMLException("Error encoding saml message", e);
} catch (final ComponentInitializationException e) {
throw new SAMLException("Error initializing saml encoder", e);
}
}
use of org.pac4j.saml.context.SAML2MessageContext in project pac4j by pac4j.
the class SAML2WebSSOMessageReceiver method receiveMessage.
@Override
public Credentials receiveMessage(final SAML2MessageContext context) {
final SAMLPeerEntityContext peerContext = context.getSAMLPeerEntityContext();
peerContext.setRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
context.getSAMLSelfProtocolContext().setProtocol(SAMLConstants.SAML20P_NS);
final Pac4jHTTPPostDecoder decoder = new Pac4jHTTPPostDecoder(context.getWebContext());
try {
decoder.setParserPool(Configuration.getParserPool());
decoder.initialize();
decoder.decode();
} catch (final Exception e) {
throw new SAMLException("Error decoding saml message", e);
}
final SAML2MessageContext decodedCtx = new SAML2MessageContext(decoder.getMessageContext());
decodedCtx.setMessage(decoder.getMessageContext().getMessage());
decodedCtx.setSAMLMessageStorage(context.getSAMLMessageStorage());
final SAMLBindingContext bindingContext = decodedCtx.getParent().getSubcontext(SAMLBindingContext.class);
decodedCtx.getSAMLBindingContext().setBindingDescriptor(bindingContext.getBindingDescriptor());
decodedCtx.getSAMLBindingContext().setBindingUri(bindingContext.getBindingUri());
decodedCtx.getSAMLBindingContext().setHasBindingSignature(bindingContext.hasBindingSignature());
decodedCtx.getSAMLBindingContext().setIntendedDestinationEndpointURIRequired(bindingContext.isIntendedDestinationEndpointURIRequired());
decodedCtx.getSAMLBindingContext().setRelayState(bindingContext.getRelayState());
final AssertionConsumerService acsService = context.getSPAssertionConsumerService();
decodedCtx.getSAMLEndpointContext().setEndpoint(acsService);
final EntityDescriptor metadata = context.getSAMLPeerMetadataContext().getEntityDescriptor();
if (metadata == null) {
throw new SAMLException("IDP Metadata cannot be null");
}
decodedCtx.getSAMLPeerEntityContext().setEntityId(metadata.getEntityID());
decodedCtx.getSAMLSelfEntityContext().setEntityId(context.getSAMLSelfEntityContext().getEntityId());
decodedCtx.getSAMLSelfEndpointContext().setEndpoint(context.getSAMLSelfEndpointContext().getEndpoint());
decodedCtx.getSAMLSelfEntityContext().setRole(context.getSAMLSelfEntityContext().getRole());
decodedCtx.getProfileRequestContext().setProfileId(SAML2_WEBSSO_PROFILE_URI);
decodedCtx.getSAMLSelfMetadataContext().setRoleDescriptor(context.getSPSSODescriptor());
return this.validator.validate(decodedCtx);
}
Aggregations