Package org.picketlink.identity.federation.api.saml.v2.sig

Examples of org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature


        if (serviceURL == null)
            throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT + "serviceURL");
        if (identityURL == null)
            throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT + "identityURL");

        SAML2Request saml2Request = new SAML2Request();
        String id = IDGenerator.create("ID_");
        return saml2Request.createAuthnRequestType(id, serviceURL, identityURL, serviceURL);
    }
View Full Code Here


        return saml2Request.createAuthnRequestType(id, serviceURL, identityURL, serviceURL);
    }

    protected void sendRequestToIDP(AuthnRequestType authnRequest, String relayState, HttpServletResponse response)
            throws IOException, SAXException, GeneralSecurityException {
        SAML2Request saml2Request = new SAML2Request();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        saml2Request.marshall(authnRequest, baos);

        String samlMessage = PostBindingUtil.base64Encode(baos.toString());
        String destination = authnRequest.getDestination().toASCIIString();
        PostBindingUtil.sendPost(new DestinationInfoHolder(destination, samlMessage, relayState), response, true);
    }
View Full Code Here

                // send logout request to participant with relaystate to orig
                response.setRelayState(relayState);

                response.setDestination(nextParticipant);

                SAML2Request saml2Request = new SAML2Request();
                try {
                    LogoutRequestType lort = saml2Request.createLogoutRequest(request.getIssuer().getValue());
                    response.setResultingDocument(saml2Request.convert(lort));
                    response.setSendRequest(true);
                } catch (Exception e) {
                    throw logger.processingError(e);
                }
            }
View Full Code Here

            String relayState = httpContext.getRequest().getParameter(GeneralConstants.RELAY_STATE);

            LogoutRequestType logOutRequest = (LogoutRequestType) request.getSAML2Object();
            String issuer = logOutRequest.getIssuer().getValue();
            try {
                SAML2Request saml2Request = new SAML2Request();

                ServletContext servletCtx = httpContext.getServletContext();
                IdentityServer server = (IdentityServer) servletCtx.getAttribute(GeneralConstants.IDENTITY_SERVER);

                if (server == null)
                    throw logger.samlHandlerIdentityServerNotFoundError();

                String originalIssuer = (relayState == null) ? issuer : relayState;

                String participant = this.getParticipant(server, sessionID, originalIssuer);

                if (participant == null || participant.equals(originalIssuer)) {
                    // All log out is done
                    session.invalidate();
                    server.stack().pop(sessionID);

                    generateSuccessStatusResponseType(logOutRequest.getID(), request, response, originalIssuer);

                    boolean isPost = isPostBindingForResponse(server, participant, request);
                    response.setPostBindingForResponse(isPost);

                    response.setSendRequest(false);
                } else {
                    // Put the participant in transit mode
                    server.stack().registerTransitParticipant(sessionID, participant);

                    if (relayState == null) {
                         relayState = originalIssuer;
                    }

                    // send logout request to participant with relaystate to orig
                    response.setRelayState(originalIssuer);

                    response.setDestination(participant);

                    boolean isPost = isPostBindingForResponse(server, participant, request);
                    response.setPostBindingForResponse(isPost);

                    LogoutRequestType lort = saml2Request.createLogoutRequest(request.getIssuer().getValue());

                    Principal userPrincipal = httpServletRequest.getUserPrincipal();
                    if (userPrincipal == null) {
                        throw logger.samlHandlerPrincipalNotFoundError();
                    }
                    NameIDType nameID = new NameIDType();
                    nameID.setValue(userPrincipal.getName());
                    lort.setNameID(nameID);

                    long assertionValidity = PicketLinkCoreSTS.instance().getConfiguration().getIssuedTokenTimeout();

                    lort.setNotOnOrAfter(XMLTimeUtil.add(lort.getIssueInstant(), assertionValidity));
                    lort.setDestination(URI.create(participant));

                    response.setResultingDocument(saml2Request.convert(lort));
                    response.setSendRequest(true);
                }
            } catch (ParserConfigurationException pe) {
                throw logger.processingError(pe);
            } catch (ConfigurationException pe) {
View Full Code Here

     * Test the encoding/decoding of a SAML2 AuthnRequest with signature support
     *
     * @throws Exception
     */
    public void testSigUseCase() throws Exception {
        SAML2Request samlRequest = new SAML2Request();

        AuthnRequestType authnRequest = samlRequest.createAuthnRequestType(IDGenerator.create("ID_"), "http://sp",
                "http://idp", "http://sp");

        KeyPair kp = KeyStoreUtil.generateKeyPair("RSA");

        PrivateKey signingKey = kp.getPrivate();
View Full Code Here

     * Test the encoding/decoding of a SAML2 AuthnRequest
     *
     * @throws Exception
     */
    public void testRegularRedirectBindingUseCaseWithStringWriter() throws Exception {
        AuthnRequestType authnRequest = (new SAML2Request()).createAuthnRequestType(IDGenerator.create("ID_"), "http://sp",
                "http://idp", "http://sp");

        StringWriter sw = new StringWriter();
        SAML2Request saml2Request = new SAML2Request();
        saml2Request.marshall(authnRequest, sw);

        String request = RedirectBindingUtil.deflateBase64URLEncode(sw.toString());

        InputStream is = RedirectBindingUtil.urlBase64DeflateDecode(request);

        RequestAbstractType parsed = saml2Request.getRequestType(is);
        assertNotNull("Parsed request is not null", parsed);
        assertTrue("AuthnRequestType", parsed instanceof AuthnRequestType);
    }
View Full Code Here

     * Test the encoding/decoding of a SAML2 AuthnRequest (Use of ByteArrayOutputStream)
     *
     * @throws Exception
     */
    public void testRegularRedirectBindingUseCaseWithByteArray() throws Exception {
        AuthnRequestType authnRequest = (new SAML2Request()).createAuthnRequestType(IDGenerator.create("ID_"), "http://sp",
                "http://idp", "http://sp");

        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        SAML2Request saml2Request = new SAML2Request();
        saml2Request.marshall(authnRequest, baos);

        String request = RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray());

        InputStream is = RedirectBindingUtil.urlBase64DeflateDecode(request);

        AuthnRequestType parsed = saml2Request.getAuthnRequestType(is);
        assertNotNull("Parsed request is not null", parsed);
    }
View Full Code Here

    public Document buildDocument() throws ConfigurationException, ProcessingException {
        Document samlResponseDocument = null;

        ResponseType responseType = null;

        SAML2Response saml2Response = new SAML2Response();

        // Create a response type
        String id = IDGenerator.create("ID_");

        IssuerInfoHolder issuerHolder = new IssuerInfoHolder(responseIssuer);
        issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

        IDPInfoHolder idp = new IDPInfoHolder();
        idp.setNameIDFormatValue(userPrincipal);
        idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

        SPInfoHolder sp = new SPInfoHolder();
        sp.setResponseDestinationURI(destination);
        sp.setRequestID(requestID);
        sp.setIssuer(requestIssuer);
        responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);

        // Add information on the roles
        AssertionType assertion = responseType.getAssertions().get(0).getAssertion();

        // Create an AuthnStatementType
        if (!disableAuthnStatement) {
            String authContextRef = JBossSAMLURIConstants.AC_UNSPECIFIED.get();
            if (isNotNull(authMethod))
                authContextRef = authMethod;

            AuthnStatementType authnStatement = StatementUtil.createAuthnStatement(XMLTimeUtil.getIssueInstant(),
                    authContextRef);

            authnStatement.setSessionIndex(assertion.getID());

            assertion.addStatement(authnStatement);
        }

        if (roles != null && !roles.isEmpty()) {
            AttributeStatementType attrStatement = StatementUtil.createAttributeStatementForRoles(roles, multiValuedRoles);
            assertion.addStatement(attrStatement);
        }

        // Add in the attributes information
        if (attributes != null && attributes.size() > 0) {
            AttributeStatementType attStatement = StatementUtil.createAttributeStatement(attributes);
            assertion.addStatement(attStatement);
        }

        try {
            samlResponseDocument = saml2Response.convert(responseType);

            if (logger.isTraceEnabled()) {
                logger.trace("SAML Response Document: " + DocumentUtil.asString(samlResponseDocument));
            }
        } catch (Exception e) {
View Full Code Here

    public Document buildDocument() throws ProcessingException {
        Document samlResponse = null;
        ResponseType responseType = null;

        SAML2Response saml2Response = new SAML2Response();

        // Create a response type
        String id = IDGenerator.create("ID_");

        IssuerInfoHolder issuerHolder = new IssuerInfoHolder(responseIssuer);
        issuerHolder.setStatusCode(status);

        IDPInfoHolder idp = new IDPInfoHolder();
        idp.setNameIDFormatValue(null);
        idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

        SPInfoHolder sp = new SPInfoHolder();
        sp.setResponseDestinationURI(destination);

        responseType = saml2Response.createResponseType(id);
        responseType.setStatus(JBossSAMLAuthnResponseFactory.createStatusTypeForResponder(status));
        responseType.setDestination(destination);

        if (encrypt) encryptDocument(samlResponse);
        return samlResponse;
View Full Code Here

     */
    public Document getErrorResponse(String responseURL, String status, String identityURL, boolean supportSignature) {
        Document samlResponse = null;
        ResponseType responseType = null;

        SAML2Response saml2Response = new SAML2Response();

        // Create a response type
        String id = IDGenerator.create("ID_");

        IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
        issuerHolder.setStatusCode(status);

        IDPInfoHolder idp = new IDPInfoHolder();
        idp.setNameIDFormatValue(null);
        idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

        SPInfoHolder sp = new SPInfoHolder();
        sp.setResponseDestinationURI(responseURL);

        responseType = saml2Response.createResponseType(id);
        responseType.setStatus(JBossSAMLAuthnResponseFactory.createStatusType(status));

        // Lets see how the response looks like
        if (logger.isTraceEnabled()) {
            StringWriter sw = new StringWriter();
            try {
                saml2Response.marshall(responseType, sw);
            } catch (ProcessingException e) {
                logger.trace(e);
            }
            logger.trace("SAML Response Document: " + sw.toString());
        }

        if (supportSignature) {
            try {
                SAML2Signature ss = new SAML2Signature();
                samlResponse = ss.sign(responseType, keyManager.getSigningKeyPair());
            } catch (Exception e) {
                logger.trace(e);
                throw new RuntimeException(logger.signatureError(e));
            }
        } else
            try {
                samlResponse = saml2Response.convert(responseType);
            } catch (Exception e) {
                logger.trace(e);
            }

        return samlResponse;
View Full Code Here

TOP

Related Classes of org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.