@Override
protected ResponseType getResponse(Request request, Principal userPrincipal)
throws ParsingException, ConfigurationException, ProcessingException
{
SAML2Response saml2Response = new SAML2Response();
ResponseType responseType = super.getResponse(request, userPrincipal);
//If there is a configuration to encrypt
if(this.idpConfiguration.isEncrypt())
{
//Need to encrypt the assertion
String sp = responseType.getDestination();
if(sp == null)
throw new IllegalStateException("Unable to handle encryption as SP url is null");
try
{
URL spurl = new URL(sp);
PublicKey publicKey = keyManager.getValidatingKey(spurl.getHost());
EncryptionType enc = idpConfiguration.getEncryption();
if(enc == null)
throw new IllegalStateException("EncryptionType not configured");
String encAlgo = enc.getEncAlgo().value();
int keyLength = enc.getKeySize();
//Generate a key on the fly
SecretKey sk = keyManager.getEncryptionKey(spurl.getHost(), encAlgo, keyLength);
StringWriter sw = new StringWriter();
saml2Response.marshall(responseType, sw);
Document responseDoc = DocumentUtil.getDocument(new StringReader(sw.toString()));
String assertionNS = JBossSAMLURIConstants.ASSERTION_NSURI.get();
QName assertionQName = new QName(assertionNS, "EncryptedAssertion", "saml");
Element encAssertion = XMLEncryptionUtil.encryptElementInDocument(responseDoc,
publicKey, sk, keyLength, assertionQName, true);
EncryptedElementType eet = saml2Response.getEncryptedAssertion(DocumentUtil.getNodeAsStream(encAssertion));
responseType.getAssertionOrEncryptedAssertion().set(0, eet);
}
catch (MalformedURLException e)
{
throw new ParsingException(e);
}
catch (JAXBException e)
{
throw new ParsingException(e);
}
catch (SAXException e)
{
throw new ParsingException(e);
}
catch (ParserConfigurationException e)
{
throw new ConfigurationException(e);
}
catch (IOException e)
{
throw new ProcessingException(e);
}
catch (TransformerFactoryConfigurationError e)
{
throw new ConfigurationException(e);
}
catch (TransformerException e)
{
throw new ProcessingException(e);
}
catch (Exception e)
{
throw new ProcessingException(e);
}
}
//Lets see how the response looks like
if(log.isTraceEnabled())
{
StringWriter sw = new StringWriter();
try
{
saml2Response.marshall(responseType, sw);
}
catch (JAXBException e)
{
if(trace) log.trace(e);
}