Examples of org.opensaml.saml1.core.Response

• org.opensaml.saml2.core.Response
  This interface defines how the object representing a SAML1 Response element behaves.

        Status status =
            SAML2PResponseComponentBuilder.createStatus(
                SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null
            );
        Response response =
            SAML2PResponseComponentBuilder.createSAMLResponse(
                "http://cxf.apache.org/saml", "http://cxf.apache.org/issuer", status
            );

        // Create an AuthenticationAssertion
        SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
        callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
        callbackHandler.setIssuer("http://cxf.apache.org/issuer");
        callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);

        callbackHandler.setSubjectConfirmationData(subjectConfirmationData);

        ConditionsBean conditions = new ConditionsBean();
        conditions.setNotBefore(new DateTime());
        conditions.setNotAfter(new DateTime().plusMinutes(5));

        AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
        audienceRestriction.setAudienceURIs(Collections.singletonList("http://service.apache.org"));
        conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
        callbackHandler.setConditions(conditions);

        SAMLCallback samlCallback = new SAMLCallback();
        SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
        SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);

        response.getAssertions().add(assertion.getSaml2());

        Element policyElement = OpenSAMLUtil.toDom(response, doc);
        doc.appendChild(policyElement);
        assertNotNull(policyElement);

                                                         spDO, authnReqDTO.getRpSessionId());
            }

            //Build the response for the successful scenario
            ResponseBuilder respBuilder = new ResponseBuilder();
            Response response = respBuilder.buildResponse(authnReqDTO, sessionId);
            SAMLSSORespDTO samlssoRespDTO = new SAMLSSORespDTO();
            samlssoRespDTO.setRespString(SAMLSSOUtil.encode(SAMLSSOUtil.marshall(response)));
            samlssoRespDTO.setSessionEstablished(true);
            samlssoRespDTO.setAssertionConsumerURL(authnReqDTO.getAssertionConsumerURL());
            samlssoRespDTO.setLoginPageURL(authnReqDTO.getLoginPageURL());

    }

    private SAMLSSORespDTO buildErrorResponse(String id, String status, String statMsg) throws Exception {
        SAMLSSORespDTO samlSSORespDTO = new SAMLSSORespDTO();
        ErrorResponseBuilder errRespBuilder = new ErrorResponseBuilder();
        Response resp = errRespBuilder.buildResponse(id, status, statMsg);
        samlSSORespDTO.setRespString(SAMLSSOUtil.encode(SAMLSSOUtil.marshall(resp)));
        samlSSORespDTO.setSessionEstablished(false);
        return samlSSORespDTO;
    }

     * @return decoded response
     * @throws IdentityException
     */
    private String buildErrorResponse(String status, String message) throws Exception {
        ErrorResponseBuilder respBuilder = new ErrorResponseBuilder();
        Response response = respBuilder.buildResponse(authnReq.getID(), status, message);
        return SAMLSSOUtil.encode(SAMLSSOUtil.marshall(response));
    }

    static {
        SAMLSSOUtil.doBootstrap();
    }

    public Response buildResponse(SAMLSSOAuthnReqDTO authReqDTO, String sessionId) throws IdentityException {
        Response response = new org.opensaml.saml2.core.impl.ResponseBuilder().buildObject();
        response.setID(SAMLSSOUtil.createID());
        response.setStatus(buildStatus(SAMLSSOConstants.StatusCodes.SUCCESS_CODE, null));
        response.setVersion(SAMLVersion.VERSION_20);
        DateTime issueInstant = new DateTime();
        DateTime notOnOrAfter = new DateTime(issueInstant.getMillis() + 5 * 60 * 1000);
        response.setIssueInstant(issueInstant);
        response.getAssertions().add(buildSAMLAssertion(authReqDTO, notOnOrAfter, sessionId));
        if (authReqDTO.getDoSignAssertions()) {
            SAMLSSOUtil.setSignature(response, XMLSignature.ALGO_ID_SIGNATURE_RSA,
                    new SignKeyDataHolder(authReqDTO.getUsername()));
        }
        return response;

    public static final Log log = LogFactory.getLog(SAML2SSOAuthenticator.class);

    public boolean login(AuthnReqDTO authDto) {
        HttpSession httpSession = getHttpSession();
        try {
            Response response = (Response) Util.unmarshall(authDto.getResponse());
            String username = getUsernameFromResponse(response);

            if ((username == null) || username.trim().equals("")) {
                log.info("Authentication Request is rejected. " +
                         "SAMLResponse does not contain the username of the subject.");

     * @throws IOException  Error when redirecting
     */
    private void handleSAMLResponses(HttpServletRequest req, HttpServletResponse resp,
                                     XMLObject samlObject)
            throws ServletException, IOException, SAML2SSOUIAuthenticatorException {
        Response samlResponse;
        samlResponse = (Response) samlObject;
        List<Assertion> assertions = samlResponse.getAssertions();
        Assertion assertion = null;
        if (assertions != null && assertions.size() > 0) {
            assertion = assertions.get(0);
        }

    public boolean authenticate(Object o) throws AuthenticationException {
        boolean isAuthenticated = false;
        HttpServletRequest request = (HttpServletRequest) o;
        HttpSession session = request.getSession();
        Response samlResponse = (Response) request.getAttribute(SAML2SSOAuthenticatorConstants.HTTP_ATTR_SAML2_RESP_TOKEN);
        String responseStr = request.getParameter(SAML2SSOAuthenticatorConstants.HTTP_POST_PARAM_SAML2_RESP);
        String username = getUsernameFromResponse(samlResponse);
        ServletContext servletContext = request.getSession().getServletContext();
        ConfigurationContext configContext = (ConfigurationContext) servletContext.getAttribute(
                CarbonConstants.CONFIGURATION_CONTEXT);

public class ResponseUnmarshaller extends StatusResponseTypeUnmarshaller {

    /** {@inheritDoc} */
    protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
            throws UnmarshallingException {
        Response resp = (Response) parentSAMLObject;

        if (childSAMLObject instanceof Assertion) {
            resp.getAssertions().add((Assertion) childSAMLObject);
        } else if (childSAMLObject instanceof EncryptedAssertion) {
            resp.getEncryptedAssertions().add((EncryptedAssertion) childSAMLObject);
        } else {
            super.processChildElement(parentSAMLObject, childSAMLObject);
        }
    }

        SAMLObject message = context.getInboundSAMLMessage();

        if (!(message instanceof Response)) {
            throw new SamlException("Response instance is an unsupported type");
        }
        Response response = (Response) message;

        validateSamlProtocolResponse(response, context, engine);

        if (decrypter != null) {
            decryptEncryptedAssertions(response, decrypter);