Package org.apache.cxf.rs.security.saml.sso.state

Examples of org.apache.cxf.rs.security.saml.sso.state.RequestState


        }
        if (relayState.getBytes().length < 0 || relayState.getBytes().length > 80) {
            reportError("INVALID_RELAY_STATE");
            throw new WebApplicationException(400);
        }
        RequestState requestState = getStateProvider().removeRequestState(relayState);
        if (requestState == null) {
            reportError("MISSING_REQUEST_STATE");
            throw new WebApplicationException(400);
        }
        if (isStateExpired(requestState.getCreatedAt(), 0)) {
            reportError("EXPIRED_REQUEST_STATE");
            throw new WebApplicationException(400);
        }
        return requestState;
    }
View Full Code Here


    }
   
    protected Response doProcessSamlResponse(String encodedSamlResponse,
                                          String relayState,
                                          boolean postBinding) {
        RequestState requestState = processRelayState(relayState);
        URI targetURI = getTargetURI(requestState.getTargetAddress());
       
        org.opensaml.saml2.core.Response samlResponse =
            readSAMLResponse(postBinding, encodedSamlResponse);

        // Validate the Response
        validateSamlResponseProtocol(samlResponse);
        SSOValidatorResponse validatorResponse =
            validateSamlSSOResponse(postBinding, samlResponse, requestState);
       
        // Set the security context
        String securityContextKey = UUID.randomUUID().toString();
       
        long currentTime = System.currentTimeMillis();
        Date notOnOrAfter = validatorResponse.getSessionNotOnOrAfter();
        long expiresAt = 0;
        if (notOnOrAfter != null) {
            expiresAt = notOnOrAfter.getTime();
        } else {
            expiresAt = currentTime + getStateTimeToLive();
        }
       
        ResponseState responseState =
            new ResponseState(validatorResponse.getAssertion(),
                              relayState,
                              requestState.getWebAppContext(),
                              requestState.getWebAppDomain(),
                              currentTime,
                              expiresAt);
        getStateProvider().setResponseState(securityContextKey, responseState);
       
        String contextCookie = createCookie(SSOConstants.SECURITY_CONTEXT_TOKEN,
                                            securityContextKey,
                                            requestState.getWebAppContext(),
                                            requestState.getWebAppDomain());
       
        // Finally, redirect to the service provider endpoint
        return Response.seeOther(targetURI).header("Set-Cookie", contextCookie).build();
       
    }
View Full Code Here

        }
        if (relayState.getBytes().length < 0 || relayState.getBytes().length > 80) {
            reportError("INVALID_RELAY_STATE");
            throw ExceptionUtils.toBadRequestException(null, null);
        }
        RequestState requestState = getStateProvider().removeRequestState(relayState);
        if (requestState == null) {
            reportError("MISSING_REQUEST_STATE");
            throw ExceptionUtils.toBadRequestException(null, null);
        }
        if (isStateExpired(requestState.getCreatedAt(), 0)) {
            reportError("EXPIRED_REQUEST_STATE");
            throw ExceptionUtils.toBadRequestException(null, null);
        }
        return requestState;
    }
View Full Code Here

        info.setSamlRequest(authnRequestEncoded);
       
        String webAppContext = getWebAppContext(m);
        String originalRequestURI = new UriInfoImpl(m).getRequestUri().toString();
       
        RequestState requestState = new RequestState(originalRequestURI,
                                                     getIdpServiceAddress(),
                                                     authnRequest.getID(),
                                                     getIssuerId(m),
                                                     webAppContext,
                                                     getWebAppDomain(),
View Full Code Here

    }
   
    protected Response doProcessSamlResponse(String encodedSamlResponse,
                                          String relayState,
                                          boolean postBinding) {
        RequestState requestState = processRelayState(relayState);
        URI targetURI = getTargetURI(requestState.getTargetAddress());
       
        org.opensaml.saml2.core.Response samlResponse =
            readSAMLResponse(postBinding, encodedSamlResponse);

        // Validate the Response
        validateSamlResponseProtocol(samlResponse);
        SSOValidatorResponse validatorResponse =
            validateSamlSSOResponse(postBinding, samlResponse, requestState);
       
        // Set the security context
        String securityContextKey = UUID.randomUUID().toString();
       
        long currentTime = System.currentTimeMillis();
        Date notOnOrAfter = validatorResponse.getSessionNotOnOrAfter();
        long expiresAt = 0;
        if (notOnOrAfter != null) {
            expiresAt = notOnOrAfter.getTime();
        } else {
            expiresAt = currentTime + getStateTimeToLive();
        }
       
        ResponseState responseState =
            new ResponseState(validatorResponse.getAssertion(),
                              relayState,
                              requestState.getWebAppContext(),
                              requestState.getWebAppDomain(),
                              currentTime,
                              expiresAt);
        getStateProvider().setResponseState(securityContextKey, responseState);
       
        String contextCookie = createCookie(SSOConstants.SECURITY_CONTEXT_TOKEN,
                                            securityContextKey,
                                            requestState.getWebAppContext(),
                                            requestState.getWebAppDomain());
       
        // Finally, redirect to the service provider endpoint
        return Response.seeOther(targetURI).header("Set-Cookie", contextCookie).build();
       
    }
View Full Code Here

        }
        if (relayState.getBytes().length < 0 || relayState.getBytes().length > 80) {
            reportError("INVALID_RELAY_STATE");
            throw new BadRequestException();
        }
        RequestState requestState = getStateProvider().removeRequestState(relayState);
        if (requestState == null) {
            reportError("MISSING_REQUEST_STATE");
            throw new WebApplicationException(400);
        }
        if (isStateExpired(requestState.getCreatedAt(), 0)) {
            reportError("EXPIRED_REQUEST_STATE");
            throw new BadRequestException();
        }
        return requestState;
    }
View Full Code Here

    }
   
    protected Response doProcessSamlResponse(String encodedSamlResponse,
                                          String relayState,
                                          boolean postBinding) {
        RequestState requestState = processRelayState(relayState);
        URI targetURI = getTargetURI(requestState.getTargetAddress());
       
        org.opensaml.saml2.core.Response samlResponse =
            readSAMLResponse(postBinding, encodedSamlResponse);

        // Validate the Response
        validateSamlResponseProtocol(samlResponse);
        SSOValidatorResponse validatorResponse =
            validateSamlSSOResponse(postBinding, samlResponse, requestState);
       
        // Set the security context
        String securityContextKey = UUID.randomUUID().toString();
       
        long currentTime = System.currentTimeMillis();
        Date notOnOrAfter = validatorResponse.getSessionNotOnOrAfter();
        long expiresAt = 0;
        if (notOnOrAfter != null) {
            expiresAt = notOnOrAfter.getTime();
        } else {
            expiresAt = currentTime + getStateTimeToLive();
        }
       
        ResponseState responseState =
            new ResponseState(validatorResponse.getAssertion(),
                              relayState,
                              requestState.getWebAppContext(),
                              requestState.getWebAppDomain(),
                              currentTime,
                              expiresAt);
        getStateProvider().setResponseState(securityContextKey, responseState);
       
        String contextCookie = createCookie(SSOConstants.SECURITY_CONTEXT_TOKEN,
                                            securityContextKey,
                                            requestState.getWebAppContext(),
                                            requestState.getWebAppDomain());
       
        // Finally, redirect to the service provider endpoint
        return Response.seeOther(targetURI).header("Set-Cookie", contextCookie).build();
       
    }
View Full Code Here

        }
        if (relayState.getBytes().length < 0 || relayState.getBytes().length > 80) {
            reportError("INVALID_RELAY_STATE");
            throw new BadRequestException();
        }
        RequestState requestState = getStateProvider().removeRequestState(relayState);
        if (requestState == null) {
            reportError("MISSING_REQUEST_STATE");
            throw new WebApplicationException(400);
        }
        if (isStateExpired(requestState.getCreatedAt(), 0)) {
            reportError("EXPIRED_REQUEST_STATE");
            throw new BadRequestException();
        }
        return requestState;
    }
View Full Code Here

        info.setSamlRequest(authnRequestEncoded);
       
        String webAppContext = getWebAppContext(m);
        String originalRequestURI = new UriInfoImpl(m).getRequestUri().toString();
       
        RequestState requestState = new RequestState(originalRequestURI,
                                                     getIdpServiceAddress(),
                                                     authnRequest.getID(),
                                                     getIssuerId(m),
                                                     webAppContext,
                                                     getWebAppDomain(),
View Full Code Here

        info.setSamlRequest(authnRequestEncoded);
       
        String webAppContext = getWebAppContext(m);
        String originalRequestURI = new UriInfoImpl(m).getRequestUri().toString();
       
        RequestState requestState = new RequestState(originalRequestURI,
                                                     getIdpServiceAddress(),
                                                     authnRequest.getID(),
                                                     getIssuerId(m),
                                                     webAppContext,
                                                     getWebAppDomain(),
View Full Code Here

TOP

Related Classes of org.apache.cxf.rs.security.saml.sso.state.RequestState

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.