Example 11 with SAMLException

Use of org.pac4j.saml.exceptions.SAMLException in project pac4j by pac4j.

The class SAML2LogoutMessageSender, method invokeOutboundMessageHandlers.

protected final void invokeOutboundMessageHandlers(final SPSSODescriptor spDescriptor, final IDPSSODescriptor idpssoDescriptor, final SAML2MessageContext outboundContext) {
    try {
        // Check that the peer endpoint's URL scheme is one of the allowed schemes before anything is sent.
        final EndpointURLSchemeSecurityHandler handlerEnd = new EndpointURLSchemeSecurityHandler();
        handlerEnd.initialize();
        handlerEnd.invoke(outboundContext);
        // Set the Destination attribute of the outbound message from the peer endpoint context.
        final SAMLOutboundDestinationHandler handlerDest = new SAMLOutboundDestinationHandler();
        handlerDest.initialize();
        handlerDest.invoke(outboundContext);
        if (spDescriptor.isAuthnRequestsSigned()) {
            // Sign the protocol message with the SignatureSigningParameters held in the SecurityParametersContext.
            final SAMLOutboundProtocolMessageSigningHandler handler = new SAMLOutboundProtocolMessageSigningHandler();
            handler.setSignErrorResponses(this.signErrorResponses);
            // OpenSAML message handlers must be initialized before invoke(), like the two handlers above.
            handler.initialize();
            handler.invoke(outboundContext);
        } else if (Boolean.TRUE.equals(idpssoDescriptor.getWantAuthnRequestsSigned())) {
            // getWantAuthnRequestsSigned() returns a Boolean that is null when the attribute is absent from the IdP metadata.
            logger.warn("IdP wants authn requests signed, it will perhaps reject your authn requests unless you provide a keystore");
        }
    } catch (final Exception e) {
        throw new SAMLException(e);
    }
}
Also used : EndpointURLSchemeSecurityHandler(org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler) SAMLOutboundProtocolMessageSigningHandler(org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler) SAMLOutboundDestinationHandler(org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler) SAMLException(org.pac4j.saml.exceptions.SAMLException) ComponentInitializationException(net.shibboleth.utilities.java.support.component.ComponentInitializationException) MessageEncodingException(org.opensaml.messaging.encoder.MessageEncodingException)

Example 12 with SAMLException

Use of org.pac4j.saml.exceptions.SAMLException in project pac4j by pac4j.

The class SAML2LogoutMessageSender, method sendMessage.

@Override
public void sendMessage(final SAML2MessageContext context, final LogoutRequest logoutRequest, final Object relayState) {
    final SPSSODescriptor spDescriptor = context.getSPSSODescriptor();
    final IDPSSODescriptor idpssoDescriptor = context.getIDPSSODescriptor();
    final SingleLogoutService ssoLogoutService = context.getIDPSingleLogoutService(destinationBindingType);
    final AssertionConsumerService acsService = context.getSPAssertionConsumerService();
    final MessageEncoder encoder = getMessageEncoder(context);
    // Build a fresh outbound context that carries over the profile, peer and protocol state of the inbound one.
    final SAML2MessageContext outboundContext = new SAML2MessageContext(context);
    outboundContext.getProfileRequestContext().setProfileId(context.getProfileRequestContext().getProfileId());
    outboundContext.getProfileRequestContext().setInboundMessageContext(context.getProfileRequestContext().getInboundMessageContext());
    outboundContext.getProfileRequestContext().setOutboundMessageContext(context.getProfileRequestContext().getOutboundMessageContext());
    outboundContext.setMessage(logoutRequest);
    outboundContext.getSAMLEndpointContext().setEndpoint(acsService);
    // The peer endpoint is the IdP's single logout service; the destination handler copies it into the message.
    outboundContext.getSAMLPeerEndpointContext().setEndpoint(ssoLogoutService);
    outboundContext.getSAMLPeerEntityContext().setRole(context.getSAMLPeerEntityContext().getRole());
    outboundContext.getSAMLPeerEntityContext().setEntityId(context.getSAMLPeerEntityContext().getEntityId());
    outboundContext.getSAMLProtocolContext().setProtocol(context.getSAMLProtocolContext().getProtocol());
    // Signing parameters (credential, algorithms) are resolved from the SP descriptor and consumed by the signing handler.
    outboundContext.getSecurityParametersContext().setSignatureSigningParameters(this.signatureSigningParametersProvider.build(spDescriptor));
    if (relayState != null) {
        outboundContext.getSAMLBindingContext().setRelayState(relayState.toString());
    }
    // Endpoint scheme check, destination and (optional) signature are applied before encoding.
    invokeOutboundMessageHandlers(spDescriptor, idpssoDescriptor, outboundContext);
    try {
        encoder.setMessageContext(outboundContext);
        encoder.initialize();
        encoder.prepareContext();
        encoder.encode();
        // Keep the sent request by ID so the matching logout response can later be correlated with it.
        final SAMLMessageStorage messageStorage = context.getSAMLMessageStorage();
        if (messageStorage != null) {
            messageStorage.storeMessage(logoutRequest.getID(), logoutRequest);
        }
    } catch (final MessageEncodingException e) {
        throw new SAMLException("Error encoding saml message", e);
    } catch (final ComponentInitializationException e) {
        throw new SAMLException("Error initializing saml encoder", e);
    }
}
Also used : SPSSODescriptor(org.opensaml.saml.saml2.metadata.SPSSODescriptor) SAML2MessageContext(org.pac4j.saml.context.SAML2MessageContext) IDPSSODescriptor(org.opensaml.saml.saml2.metadata.IDPSSODescriptor) ComponentInitializationException(net.shibboleth.utilities.java.support.component.ComponentInitializationException) SingleLogoutService(org.opensaml.saml.saml2.metadata.SingleLogoutService) AssertionConsumerService(org.opensaml.saml.saml2.metadata.AssertionConsumerService) MessageEncoder(org.opensaml.messaging.encoder.MessageEncoder) SAMLMessageStorage(org.pac4j.saml.storage.SAMLMessageStorage) MessageEncodingException(org.opensaml.messaging.encoder.MessageEncodingException) SAMLException(org.pac4j.saml.exceptions.SAMLException)

Example 13 with SAMLException

Use of org.pac4j.saml.exceptions.SAMLException in project pac4j by pac4j.

The class SAML2LogoutResponseValidator, method validate.

/**
 * Validates the SAML protocol response and the SAML SSO response.
 * The method decrypts encrypted assertions, if any.
 *
 * @param context the context
 * @return null (no credentials are produced for a logout response)
 */
@Override
public Credentials validate(final SAML2MessageContext context) {
    final SAMLObject message = context.getMessage();
    // Only a SAML 2 Response is accepted here; any other message type is rejected outright.
    if (!(message instanceof Response)) {
        throw new SAMLException("Response instance is an unsupported type");
    }
    final Response response = (Response) message;
    // The trust engine decides which signing keys (from the IdP metadata) are trusted for signature verification.
    final SignatureTrustEngine engine = this.signatureTrustEngineProvider.build();
    validateSamlProtocolResponse(response, context, engine);
    return null;
}
Also used : Response(org.opensaml.saml.saml2.core.Response) SAMLObject(org.opensaml.saml.common.SAMLObject) SignatureTrustEngine(org.opensaml.xmlsec.signature.support.SignatureTrustEngine) SAMLException(org.pac4j.saml.exceptions.SAMLException)

Example 14 with SAMLException

Use of org.pac4j.saml.exceptions.SAMLException in project pac4j by pac4j.

The class SAML2WebSSOMessageReceiver, method receiveMessage.

@Override
public Credentials receiveMessage(final SAML2MessageContext context) {
    // The peer of an inbound Web SSO response is the IdP; its role drives metadata and trust resolution.
    final SAMLPeerEntityContext peerContext = context.getSAMLPeerEntityContext();
    peerContext.setRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
    context.getSAMLSelfProtocolContext().setProtocol(SAMLConstants.SAML20P_NS);
    // Decode the HTTP-POST binding (SAMLResponse form parameter) into an OpenSAML message context.
    final Pac4jHTTPPostDecoder decoder = new Pac4jHTTPPostDecoder(context.getWebContext());
    try {
        decoder.setParserPool(Configuration.getParserPool());
        decoder.initialize();
        decoder.decode();
    } catch (final Exception e) {
        throw new SAMLException("Error decoding saml message", e);
    }
    final SAML2MessageContext decodedCtx = new SAML2MessageContext(decoder.getMessageContext());
    decodedCtx.setMessage(decoder.getMessageContext().getMessage());
    decodedCtx.setSAMLMessageStorage(context.getSAMLMessageStorage());
    // Carry the binding details (including whether the binding itself was signed) over to the new context.
    final SAMLBindingContext bindingContext = decodedCtx.getParent().getSubcontext(SAMLBindingContext.class);
    decodedCtx.getSAMLBindingContext().setBindingDescriptor(bindingContext.getBindingDescriptor());
    decodedCtx.getSAMLBindingContext().setBindingUri(bindingContext.getBindingUri());
    decodedCtx.getSAMLBindingContext().setHasBindingSignature(bindingContext.hasBindingSignature());
    decodedCtx.getSAMLBindingContext().setIntendedDestinationEndpointURIRequired(bindingContext.isIntendedDestinationEndpointURIRequired());
    decodedCtx.getSAMLBindingContext().setRelayState(bindingContext.getRelayState());
    final AssertionConsumerService acsService = context.getSPAssertionConsumerService();
    decodedCtx.getSAMLEndpointContext().setEndpoint(acsService);
    // Without IdP metadata there is no issuer or signing key to check the response against, so stop here.
    final EntityDescriptor metadata = context.getSAMLPeerMetadataContext().getEntityDescriptor();
    if (metadata == null) {
        throw new SAMLException("IDP Metadata cannot be null");
    }
    decodedCtx.getSAMLPeerEntityContext().setEntityId(metadata.getEntityID());
    decodedCtx.getSAMLSelfEntityContext().setEntityId(context.getSAMLSelfEntityContext().getEntityId());
    decodedCtx.getSAMLSelfEndpointContext().setEndpoint(context.getSAMLSelfEndpointContext().getEndpoint());
    decodedCtx.getSAMLSelfEntityContext().setRole(context.getSAMLSelfEntityContext().getRole());
    decodedCtx.getProfileRequestContext().setProfileId(SAML2_WEBSSO_PROFILE_URI);
    decodedCtx.getSAMLSelfMetadataContext().setRoleDescriptor(context.getSPSSODescriptor());
    // Hand the populated context to the configured response validator.
    return this.validator.validate(decodedCtx);
}
Also used : SAMLBindingContext(org.opensaml.saml.common.messaging.context.SAMLBindingContext) SAML2MessageContext(org.pac4j.saml.context.SAML2MessageContext) EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor) SAMLPeerEntityContext(org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext) AssertionConsumerService(org.opensaml.saml.saml2.metadata.AssertionConsumerService) Pac4jHTTPPostDecoder(org.pac4j.saml.transport.Pac4jHTTPPostDecoder) SAMLException(org.pac4j.saml.exceptions.SAMLException)

Example 15 with SAMLException

Use of org.pac4j.saml.exceptions.SAMLException in project pac4j by pac4j.

The class DefaultSignatureSigningParametersProvider, method build.

@Override
public SignatureSigningParameters build(final SSODescriptor descriptor) {
    try {
        // Resolve the signing credential and algorithms from the signing configuration, narrowed by the role descriptor.
        final CriteriaSet criteria = new CriteriaSet();
        criteria.add(new SignatureSigningConfigurationCriterion(getSignatureSigningConfiguration()));
        criteria.add(new RoleDescriptorCriterion(descriptor));
        final SAMLMetadataSignatureSigningParametersResolver resolver = new SAMLMetadataSignatureSigningParametersResolver();
        final SignatureSigningParameters params = resolver.resolveSingle(criteria);
        // Check for null before augmenting: resolveSingle() returns null when no usable parameters can be resolved.
        if (params == null) {
            throw new SAMLException("Could not determine the signature parameters");
        }
        augmentSignatureSigningParameters(params);
        logger.info("Created signature signing parameters." + "\nSignature algorithm: {}" + "\nSignature canonicalization algorithm: {}" + "\nSignature reference digest methods: {}", params.getSignatureAlgorithm(), params.getSignatureCanonicalizationAlgorithm(), params.getSignatureReferenceDigestMethod());
        return params;
    } catch (final Exception e) {
        throw new SAMLException(e);
    }
}
Also used : RoleDescriptorCriterion(org.opensaml.saml.criterion.RoleDescriptorCriterion) SignatureSigningParameters(org.opensaml.xmlsec.SignatureSigningParameters) SAMLMetadataSignatureSigningParametersResolver(org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver) CriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet) SignatureSigningConfigurationCriterion(org.opensaml.xmlsec.criterion.SignatureSigningConfigurationCriterion) SAMLException(org.pac4j.saml.exceptions.SAMLException)
