Package org.picketlink.identity.federation.api.saml.v2.response

Examples of org.picketlink.identity.federation.api.saml.v2.response.SecurityActions


    }

    private class SPLogOutHandler {
        public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException {
            // Generate the LogOut Request
            SAML2Request samlRequest = new SAML2Request();

            HTTPContext httpContext = (HTTPContext) request.getContext();
            HttpServletRequest httpRequest = httpContext.getRequest();
      Principal userPrincipal = (Principal) httpRequest.getSession()
          .getAttribute(GeneralConstants.PRINCIPAL_ID);

      if (userPrincipal == null) {
        userPrincipal = httpRequest.getUserPrincipal();
            }

            if (userPrincipal == null) {
                throw logger.samlHandlerPrincipalNotFoundError();
            }

      try {
                LogoutRequestType lot = samlRequest.createLogoutRequest(request.getIssuer().getValue());

                NameIDType nameID = new NameIDType();
                nameID.setValue(userPrincipal.getName());
                lot.setNameID(nameID);
               
                SPType spConfiguration = (SPType) getProviderconfig();
                String logoutUrl = spConfiguration.getLogoutUrl();
               
                if (logoutUrl == null) {
                    logoutUrl = spConfiguration.getIdentityURL();
                }
               
                lot.setDestination(URI.create(logoutUrl));
               
                populateSessionIndex(httpRequest, lot);
               
                response.setResultingDocument(samlRequest.convert(lot));
                response.setSendRequest(true);
            } catch (Exception e) {
                throw logger.processingError(e);
            }
        }
View Full Code Here


    private Document issueSAMLAssertion() throws ConfigurationException, ProcessingException {
        NameIDType issuerNameID = new NameIDType();

        issuerNameID.setValue(IDENTITY_PROVIDER_URL);

        SAML2Request samlRequest = new SAML2Request();

        AuthnRequestType authnRequestType = samlRequest.createAuthnRequestType("AuthnRequest_FAKE_ID",
                SERVICE_PROVIDER_URL, SERVICE_PROVIDER_URL,
                SERVICE_PROVIDER_URL);

        DefaultSAML2HandlerRequest handlerAuthnRequest = new DefaultSAML2HandlerRequest(new HTTPContext(
                new MockHttpServletRequest(new MockHttpSession(), "POST"), new MockHttpServletResponse(), servletContext),
View Full Code Here

                // Are we going to send Request to IDP?
                boolean willSendRequest = false;

                try {
                    SAML2Request saml2Request = new SAML2Request();
                    SAML2Object samlObject = saml2Request.getSAML2ObjectFromStream(is);
                    SAMLDocumentHolder documentHolder = saml2Request.getSamlDocumentHolder();

                    if (!ignoreSignatures) {
                        if (!verifySignature(documentHolder))
                            throw new ServletException(ErrorCodes.INVALID_DIGITAL_SIGNATURE + "Cannot verify sender");
                    }
View Full Code Here

     * @throws MarshalException
     * @throws GeneralSecurityException
     */
    public Document sign(RequestAbstractType request, KeyPair keypair) throws SAXException, IOException,
            ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException {
        SAML2Request saml2Request = new SAML2Request();
        Document doc = saml2Request.convert(request);
        doc.normalize();

        Node theSibling = getNextSiblingOfIssuer(doc);
        if (theSibling != null) {
            this.sibling = theSibling;
View Full Code Here

        if (serviceURL == null)
            throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT + "serviceURL");
        if (identityURL == null)
            throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT + "identityURL");

        SAML2Request saml2Request = new SAML2Request();
        String id = IDGenerator.create("ID_");
        return saml2Request.createAuthnRequestType(id, serviceURL, identityURL, serviceURL);
    }
View Full Code Here

        return saml2Request.createAuthnRequestType(id, serviceURL, identityURL, serviceURL);
    }

    protected void sendRequestToIDP(AuthnRequestType authnRequest, String relayState, HttpServletResponse response)
            throws IOException, SAXException, GeneralSecurityException {
        SAML2Request saml2Request = new SAML2Request();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        saml2Request.marshall(authnRequest, baos);

        String samlMessage = PostBindingUtil.base64Encode(baos.toString());
        String destination = authnRequest.getDestination().toASCIIString();
        PostBindingUtil.sendPost(new DestinationInfoHolder(destination, samlMessage, relayState), response, true);
    }
View Full Code Here

                // send logout request to participant with relaystate to orig
                response.setRelayState(relayState);

                response.setDestination(nextParticipant);

                SAML2Request saml2Request = new SAML2Request();
                try {
                    LogoutRequestType lort = saml2Request.createLogoutRequest(request.getIssuer().getValue());
                    response.setResultingDocument(saml2Request.convert(lort));
                    response.setSendRequest(true);
                } catch (Exception e) {
                    throw logger.processingError(e);
                }
            }
View Full Code Here

            String relayState = httpContext.getRequest().getParameter(GeneralConstants.RELAY_STATE);

            LogoutRequestType logOutRequest = (LogoutRequestType) request.getSAML2Object();
            String issuer = logOutRequest.getIssuer().getValue();
            try {
                SAML2Request saml2Request = new SAML2Request();

                ServletContext servletCtx = httpContext.getServletContext();
                IdentityServer server = (IdentityServer) servletCtx.getAttribute(GeneralConstants.IDENTITY_SERVER);

                if (server == null)
                    throw logger.samlHandlerIdentityServerNotFoundError();

                String originalIssuer = (relayState == null) ? issuer : relayState;

                String participant = this.getParticipant(server, sessionID, originalIssuer);

                if (participant == null || participant.equals(originalIssuer)) {
                    // All log out is done
                    session.invalidate();
                    server.stack().pop(sessionID);

                    generateSuccessStatusResponseType(logOutRequest.getID(), request, response, originalIssuer);

                    boolean isPost = isPostBindingForResponse(server, participant, request);
                    response.setPostBindingForResponse(isPost);

                    response.setSendRequest(false);
                } else {
                    // Put the participant in transit mode
                    server.stack().registerTransitParticipant(sessionID, participant);

                    if (relayState == null) {
                         relayState = originalIssuer;
                    }

                    // send logout request to participant with relaystate to orig
                    response.setRelayState(originalIssuer);

                    response.setDestination(participant);

                    boolean isPost = isPostBindingForResponse(server, participant, request);
                    response.setPostBindingForResponse(isPost);

                    LogoutRequestType lort = saml2Request.createLogoutRequest(request.getIssuer().getValue());

                    Principal userPrincipal = httpServletRequest.getUserPrincipal();
                    if (userPrincipal == null) {
                        throw logger.samlHandlerPrincipalNotFoundError();
                    }
                    NameIDType nameID = new NameIDType();
                    nameID.setValue(userPrincipal.getName());
                    lort.setNameID(nameID);

                    long assertionValidity = PicketLinkCoreSTS.instance().getConfiguration().getIssuedTokenTimeout();

                    lort.setNotOnOrAfter(XMLTimeUtil.add(lort.getIssueInstant(), assertionValidity));
                    lort.setDestination(URI.create(participant));

                    response.setResultingDocument(saml2Request.convert(lort));
                    response.setSendRequest(true);
                }
            } catch (ParserConfigurationException pe) {
                throw logger.processingError(pe);
            } catch (ConfigurationException pe) {
View Full Code Here

     * Test the encoding/decoding of a SAML2 AuthnRequest with signature support
     *
     * @throws Exception
     */
    public void testSigUseCase() throws Exception {
        SAML2Request samlRequest = new SAML2Request();

        AuthnRequestType authnRequest = samlRequest.createAuthnRequestType(IDGenerator.create("ID_"), "http://sp",
                "http://idp", "http://sp");

        KeyPair kp = KeyStoreUtil.generateKeyPair("RSA");

        PrivateKey signingKey = kp.getPrivate();
View Full Code Here

     * Test the encoding/decoding of a SAML2 AuthnRequest
     *
     * @throws Exception
     */
    public void testRegularRedirectBindingUseCaseWithStringWriter() throws Exception {
        AuthnRequestType authnRequest = (new SAML2Request()).createAuthnRequestType(IDGenerator.create("ID_"), "http://sp",
                "http://idp", "http://sp");

        StringWriter sw = new StringWriter();
        SAML2Request saml2Request = new SAML2Request();
        saml2Request.marshall(authnRequest, sw);

        String request = RedirectBindingUtil.deflateBase64URLEncode(sw.toString());

        InputStream is = RedirectBindingUtil.urlBase64DeflateDecode(request);

        RequestAbstractType parsed = saml2Request.getRequestType(is);
        assertNotNull("Parsed request is not null", parsed);
        assertTrue("AuthnRequestType", parsed instanceof AuthnRequestType);
    }
View Full Code Here

TOP

Related Classes of org.picketlink.identity.federation.api.saml.v2.response.SecurityActions

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.