Package org.picketlink.identity.federation.core.saml.v2.common

Examples of org.picketlink.identity.federation.core.saml.v2.common.SAMLProtocolContext

121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
            event.error(Errors.INVALID_TOKEN);
            return Flows.forwardToSecurityFailurePage(session, realm, uriInfo, "Invalid Request");
        }

        protected Response handleSamlRequest(String samlRequest, String relayState) {
            SAMLDocumentHolder documentHolder = extractDocument(samlRequest);
            if (documentHolder == null) {
                event.event(EventType.LOGIN);
                event.error(Errors.INVALID_TOKEN);
                return Flows.forwardToSecurityFailurePage(session, realm, uriInfo, "Invalid Request");
            }

            SAML2Object samlObject = documentHolder.getSamlObject();

            RequestAbstractType requestAbstractType = (RequestAbstractType)samlObject;
            String issuer = requestAbstractType.getIssuer().getValue();
            ClientModel client = realm.findClient(issuer);
View Full Code Here
164
165
166
167
168
169
170
171
        SAMLParser samlParser = new SAMLParser();
        JAXPValidationUtil.checkSchemaValidation(samlDocument);
        SAML2Object requestType = (SAML2Object) samlParser.parse(DocumentUtil.getNodeAsStream(samlDocument));

        samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument);
        return requestType;
    }
View Full Code Here
189
190
191
192
193
194
195
196
        SAMLParser samlParser = new SAMLParser();
        JAXPValidationUtil.checkSchemaValidation(samlDocument);
        RequestAbstractType requestType = (RequestAbstractType) samlParser.parse(DocumentUtil.getNodeAsStream(samlDocument));

        samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument);
        return requestType;
    }
View Full Code Here
214
215
216
217
218
219
220
221
        SAMLParser samlParser = new SAMLParser();
        JAXPValidationUtil.checkSchemaValidation(samlDocument);

        AuthnRequestType requestType = (AuthnRequestType) samlParser.parse(DocumentUtil.getNodeAsStream(samlDocument));
        samlDocumentHolder = new SAMLDocumentHolder(requestType, samlDocument);
        return requestType;
    }
View Full Code Here
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
            session.removeAttribute(GeneralConstants.SAML_RESPONSE_KEY);

            if (isNotNull(relayState))
                session.removeAttribute(GeneralConstants.RELAY_STATE);

            SAMLDocumentHolder samlDocumentHolder = null;
            SAML2Object samlObject = null;
            String destination = null;
            Document samlResponse = null;

            if (samlResponseMessage != null) {
                StatusResponseType statusResponseType = null;
                try {
                    samlDocumentHolder = webRequestUtil.getSAMLDocumentHolder(samlResponseMessage);
                    samlObject = samlDocumentHolder.getSamlObject();

                    boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
                    boolean isValid = validate(request.getRemoteAddr(), request.getQueryString(), new SessionHolder(
                            samlResponseMessage, null), isPost);

                    if (!isValid)
                        throw new GeneralSecurityException("Validation check failed");

                    String issuer = null;
                    IssuerInfoHolder idpIssuer = new IssuerInfoHolder(this.identityURL);
                    ProtocolContext protocolContext = new HTTPContext(request, response, context);
                    // Create the request/response
                    SAML2HandlerRequest saml2HandlerRequest = new DefaultSAML2HandlerRequest(protocolContext,
                            idpIssuer.getIssuer(), samlDocumentHolder, HANDLER_TYPE.IDP);

                    saml2HandlerRequest.setRelayState(relayState);

                    SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse();

                    Set<SAML2Handler> handlers = chain.handlers();

                    if (samlObject instanceof StatusResponseType) {
                        statusResponseType = (StatusResponseType) samlObject;
                        issuer = statusResponseType.getIssuer().getValue();
                        webRequestUtil.isTrusted(issuer);

                        if (handlers != null) {
                            for (SAML2Handler handler : handlers) {
                                handler.reset();
                                handler.handleStatusResponseType(saml2HandlerRequest, saml2HandlerResponse);
                                willSendRequest = saml2HandlerResponse.getSendRequest();
                            }
                        }
                    } else
                        throw new RuntimeException(ErrorCodes.UNSUPPORTED_TYPE + "Unknown type:"
                                + samlObject.getClass().getName());

                    samlResponse = saml2HandlerResponse.getResultingDocument();
                    relayState = saml2HandlerResponse.getRelayState();

                    destination = saml2HandlerResponse.getDestination();
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }

            } else
            // Send valid saml response after processing the request
            if (samlRequestMessage != null) {
                // Get the SAML Request Message
                RequestAbstractType requestAbstractType = null;

                try {
                    samlDocumentHolder = webRequestUtil.getSAMLDocumentHolder(samlRequestMessage);
                    samlObject = samlDocumentHolder.getSamlObject();

                    boolean isPost = webRequestUtil.hasSAMLRequestInPostProfile();
                    boolean isValid = validate(request.getRemoteAddr(), request.getQueryString(), new SessionHolder(
                            samlRequestMessage, null), isPost);
View Full Code Here
79
80
81
82
83
84
85
86
87
88
89
     * @throws ParsingException
     * @throws ConfigurationException
     */
    public SAML2HandlerResponse process(String samlResponse, HTTPContext httpContext, Set<SAML2Handler> handlers, Lock chainLock)
            throws ProcessingException, IOException, ParsingException, ConfigurationException {
        SAMLDocumentHolder documentHolder = getSAMLDocumentHolder(samlResponse);

        SAML2HandlerResponse saml2HandlerResponse = processHandlersChain(httpContext, handlers, chainLock, documentHolder);

        return saml2HandlerResponse;
    }
View Full Code Here
80
81
82
83
84
85
86
87
88
89
90
    public boolean process(String samlRequest, HTTPContext httpContext, Set<SAML2Handler> handlers, Lock chainLock)
            throws ProcessingException, IOException, ParsingException, ConfigurationException {
        SAML2Request saml2Request = new SAML2Request();
        SAML2HandlerResponse saml2HandlerResponse = null;
        SAML2Object samlObject = null;
        SAMLDocumentHolder documentHolder = null;

        if (this.postBinding) {
            // we got a logout request from IDP
            InputStream is = PostBindingUtil.base64DecodeAsStream(samlRequest);
            samlObject = saml2Request.getSAML2ObjectFromStream(is);
View Full Code Here
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
        SecurityManager sm = System.getSecurityManager();
        if (sm != null)
            sm.checkPermission(PicketLinkCoreSTS.rte);

        SAMLProtocolContext samlProtocolContext = (SAMLProtocolContext) context;

        NameIDType issuerID = samlProtocolContext.getIssuerID();
        XMLGregorianCalendar issueInstant;
        try {
            issueInstant = XMLTimeUtil.getIssueInstant();
        } catch (ConfigurationException e) {
            throw logger.processingError(e);
        }
        ConditionsType conditions = samlProtocolContext.getConditions();
        SubjectType subject = samlProtocolContext.getSubjectType();
        List<StatementAbstractType> statements = samlProtocolContext.getStatements();

        // generate an id for the new assertion.
        String assertionID = IDGenerator.create("ID_");

        AssertionType assertionType = SAMLAssertionFactory.createAssertion(assertionID, issuerID, issueInstant, conditions,
                subject, statements);

        try {
            AssertionUtil.createTimedConditions(assertionType, ASSERTION_VALIDITY, CLOCK_SKEW);
        } catch (ConfigurationException e) {
            throw logger.processingError(e);
        } catch (IssueInstantMissingException e) {
            throw logger.processingError(e);
        }

        try {
            this.tokenRegistry.addToken(assertionID, assertionType);
        } catch (IOException e) {
            throw logger.processingError(e);
        }
        samlProtocolContext.setIssuedAssertion(assertionType);
    }
View Full Code Here
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
        SecurityManager sm = System.getSecurityManager();
        if (sm != null)
            sm.checkPermission(PicketLinkCoreSTS.rte);

        SAMLProtocolContext samlProtocolContext = (SAMLProtocolContext) context;

        AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();

        try {
            XMLGregorianCalendar currentTime = XMLTimeUtil.getIssueInstant();
            issuedAssertion.updateIssueInstant(currentTime);
        } catch (ConfigurationException e) {
            throw logger.processingError(e);
        }

        try {
            AssertionUtil.createTimedConditions(issuedAssertion, ASSERTION_VALIDITY, CLOCK_SKEW);
        } catch (ConfigurationException e) {
            throw logger.processingError(e);
        } catch (IssueInstantMissingException e) {
            throw logger.processingError(e);
        }

        try {
            this.tokenRegistry.addToken(issuedAssertion.getID(), issuedAssertion);
        } catch (IOException e) {
            throw logger.processingError(e);
        }
        samlProtocolContext.setIssuedAssertion(issuedAssertion);
    }
View Full Code Here
191
192
193
194
195
196
197
198
199
200
201
202
        SecurityManager sm = System.getSecurityManager();
        if (sm != null)
            sm.checkPermission(PicketLinkCoreSTS.rte);

        SAMLProtocolContext samlProtocolContext = (SAMLProtocolContext) context;
        AssertionType issuedAssertion = samlProtocolContext.getIssuedAssertion();
        try {
            this.tokenRegistry.removeToken(issuedAssertion.getID());
        } catch (IOException e) {
            throw logger.processingError(e);
        }
View Full Code Here
TOP

Related Classes of org.picketlink.identity.federation.core.saml.v2.common.SAMLProtocolContext

  • org.jboss.security.xacml.core.model.context.ObjectFactory
  • org.jboss.security.xacml.core.model.context.RequestType
  • org.jboss.security.xacml.core.model.context.ResponseType
  • org.keycloak.protocol.saml.SALM2LoginResponseBuilder
  • org.keycloak.protocol.saml.SAML2ErrorResponseBuilder
  • org.picketlink.identity.federation.api.saml.v2.request.SAML2Request
  • org.picketlink.identity.federation.api.saml.v2.response.SAML2Response
  • org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve
  • org.picketlink.identity.federation.bindings.tomcat.sp.AbstractSPFormAuthenticator
  • org.picketlink.identity.federation.bindings.tomcat.sp.BaseFormAuthenticator
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.