}
/**
 * Consumes a SAML 2.0 Response from the IdP, establishes a local security
 * context for the authenticated user, and redirects the browser back to the
 * service-provider resource that started the SSO round trip.
 *
 * Ordering is security-relevant: nothing is persisted and no cookie is issued
 * until both validation steps have completed, so a response that fails
 * validation leaves no server-side state behind (the validators are expected
 * to signal failure by throwing, since no return value is inspected here).
 *
 * @param encodedSamlResponse the SAMLResponse parameter as received on the wire
 * @param relayState          the RelayState parameter echoed back by the IdP;
 *                            it is resolved via processRelayState() to the
 *                            RequestState presumably recorded when the
 *                            AuthnRequest was issued, so the redirect target is
 *                            taken from that state rather than from the request
 * @param postBinding         true for HTTP-POST, false for HTTP-Redirect binding
 * @return a 303 redirect to the original target carrying the security-context cookie
 */
protected Response doProcessSamlResponse(String encodedSamlResponse,
                                         String relayState,
                                         boolean postBinding) {
    RequestState pendingRequest = processRelayState(relayState);
    URI redirectTo = getTargetURI(pendingRequest.getTargetAddress());

    org.opensaml.saml2.core.Response samlResponse =
        readSAMLResponse(postBinding, encodedSamlResponse);

    // Protocol-level validation first, then the SSO validation which also gets
    // the pending request so the response can be correlated with it.
    validateSamlResponseProtocol(samlResponse);
    SSOValidatorResponse validated =
        validateSamlSSOResponse(postBinding, samlResponse, pendingRequest);

    // The cookie value is a random UUID (cryptographically strong PRNG per the
    // JDK spec), so it is unguessable. It is purely an opaque lookup key for the
    // state provider and carries no user data itself.
    String contextKey = UUID.randomUUID().toString();
    long now = System.currentTimeMillis();

    // Local session lifetime: the IdP's SessionNotOnOrAfter when one was sent,
    // otherwise the locally configured state TTL.
    // NOTE(review): an IdP-supplied SessionNotOnOrAfter is used as-is and is not
    // capped by getStateTimeToLive(); a far-future value extends the local
    // session accordingly. Confirm that is the intended policy.
    Date sessionNotOnOrAfter = validated.getSessionNotOnOrAfter();
    long expiresAt = sessionNotOnOrAfter != null
        ? sessionNotOnOrAfter.getTime()
        : now + getStateTimeToLive();

    ResponseState contextState = new ResponseState(validated.getAssertion(),
                                                   relayState,
                                                   pendingRequest.getWebAppContext(),
                                                   pendingRequest.getWebAppDomain(),
                                                   now,
                                                   expiresAt);
    getStateProvider().setResponseState(contextKey, contextState);

    // Cookie path/domain come from the pending request; any other attributes
    // (HttpOnly, Secure, ...) are decided inside createCookie(), not visible here.
    String cookieHeader = createCookie(SSOConstants.SECURITY_CONTEXT_TOKEN,
                                       contextKey,
                                       pendingRequest.getWebAppContext(),
                                       pendingRequest.getWebAppDomain());

    return Response.seeOther(redirectTo)
                   .header("Set-Cookie", cookieHeader)
                   .build();
}