Examples with SamlAuthnRequestContainerDto - uk.gov.ida.hub.samlproxy.domain.SamlAuthnRequestContainerDto

Example 1 with SamlAuthnRequestContainerDto

use of uk.gov.ida.hub.samlproxy.domain.SamlAuthnRequestContainerDto in project verify-hub by alphagov.

the class SamlMessageReceiverApi method handleRequestPost.

@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Timed
@ResponseMetered
public Response handleRequestPost(SamlRequestDto samlRequestDto) {
    relayStateValidator.validate(samlRequestDto.getRelayState());
    AuthnRequest authnRequest = stringSamlAuthnRequestTransformer.apply(samlRequestDto.getSamlRequest());
    SamlValidationResponse signatureValidationResponse = authnRequestSignatureValidator.validate(authnRequest, SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    authnRequestsFromEntities.labels(authnRequest.getIssuer().getValue()).inc();
    protectiveMonitoringLogger.logAuthnRequest(authnRequest, Direction.INBOUND, SignatureStatus.fromValidationResponse(signatureValidationResponse));
    if (!signatureValidationResponse.isOK()) {
        SamlValidationSpecificationFailure failure = signatureValidationResponse.getSamlValidationSpecificationFailure();
        throw new SamlTransformationErrorException(String.format("Invalid authn request from issuer \"%s\". %s", authnRequest.getIssuer().getValue(), failure.getErrorMessage()), signatureValidationResponse.getCause(), Level.ERROR);
    }
    SamlAuthnRequestContainerDto samlAuthnRequestContainerDto = new SamlAuthnRequestContainerDto(samlRequestDto.getSamlRequest(), Optional.ofNullable(samlRequestDto.getRelayState()), samlRequestDto.getPrincipalIpAsSeenByFrontend());
    SessionId sessionId = sessionProxy.createSession(samlAuthnRequestContainerDto);
    return Response.ok(sessionId).build();
}

Also used : SamlValidationResponse(uk.gov.ida.saml.core.validation.SamlValidationResponse) SamlValidationSpecificationFailure(uk.gov.ida.saml.core.validation.SamlValidationSpecificationFailure) SamlAuthnRequestContainerDto(uk.gov.ida.hub.samlproxy.domain.SamlAuthnRequestContainerDto) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) SamlTransformationErrorException(uk.gov.ida.saml.core.validation.SamlTransformationErrorException) SessionId(uk.gov.ida.common.SessionId) ResponseMetered(com.codahale.metrics.annotation.ResponseMetered) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed)

Aggregations

ResponseMetered (com.codahale.metrics.annotation.ResponseMetered)1 Timed (com.codahale.metrics.annotation.Timed)1 Consumes (javax.ws.rs.Consumes)1 POST (javax.ws.rs.POST)1 Produces (javax.ws.rs.Produces)1 AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)1 SessionId (uk.gov.ida.common.SessionId)1 SamlAuthnRequestContainerDto (uk.gov.ida.hub.samlproxy.domain.SamlAuthnRequestContainerDto)1 SamlTransformationErrorException (uk.gov.ida.saml.core.validation.SamlTransformationErrorException)1 SamlValidationResponse (uk.gov.ida.saml.core.validation.SamlValidationResponse)1 SamlValidationSpecificationFailure (uk.gov.ida.saml.core.validation.SamlValidationSpecificationFailure)1