/**
 * Resolves the URL to redirect to after an IDP-initiated login.
 *
 * <p>Lookup order: the {@code redirectTo} query parameter, then a
 * {@code redirectTo=} entry embedded in the RelayState parameter (terminated by the
 * first {@code ';'} if one is present), and finally {@code baseUri} itself.
 *
 * <p>Security: both the query parameter and RelayState come from the incoming request,
 * so their values are chosen by whoever produced the login link or response. This
 * method performs no validation of its own; the value is handed unchanged to
 * {@code buildRedirectTo}, which is not visible in this excerpt.
 * NOTE(review): confirm that {@code buildRedirectTo} always anchors the result under
 * {@code baseUri} and rejects or neutralises absolute and scheme-relative values,
 * otherwise the result can point off-site (open redirect).
 *
 * @param facade      request/response facade; only its request is read here
 * @param contextPath application context path; must not be {@code null}. It is used
 *                    only on the fallback path, where an empty value causes a
 *                    trailing {@code "/"} to be appended to {@code baseUri}
 * @param baseUri     base URI passed to {@code buildRedirectTo} and returned (possibly
 *                    with a trailing slash) when no redirect target is supplied
 * @return the redirect URL built from the request-supplied target, or the fallback
 *         derived from {@code baseUri}
 */
public static String getRedirectTo(HttpFacade facade, String contextPath, String baseUri) {
    final String marker = "redirectTo=";

    // 1. Explicit query parameter wins when it is present and non-empty.
    String fromQuery = facade.getRequest().getQueryParamValue("redirectTo");
    if (fromQuery != null && !fromQuery.isEmpty()) {
        return buildRedirectTo(baseUri, fromQuery);
    }

    // 2. Otherwise look for "redirectTo=<target>[;...]" anywhere inside RelayState.
    String relayState = facade.getRequest().getFirstParam(GeneralConstants.RELAY_STATE);
    if (relayState != null) {
        int start = relayState.indexOf(marker);
        if (start >= 0) {
            String target = relayState.substring(start + marker.length());
            int semicolon = target.indexOf(';');
            if (semicolon >= 0) {
                target = target.substring(0, semicolon);
            }
            // NOTE(review): unlike the query-parameter path, an empty target is not
            // filtered out here and is passed on as "".
            return buildRedirectTo(baseUri, target);
        }
    }

    // 3. No target supplied: fall back to the base URI.
    return contextPath.isEmpty() ? baseUri + "/" : baseUri;
}
/**
 * Returns the URI the user should be sent to once SAML login completes.
 *
 * <p>A value stored in the session under {@code SAML_REDIRECT_URI} takes precedence.
 * When none is stored, the target is computed by {@code SamlUtil.getRedirectTo} from
 * the current request, using the request URL with its path replaced by the context
 * path as the base URI.
 *
 * <p>NOTE(review): the base URI is taken from {@code request.getRequestURL()}, so its
 * scheme and host are whatever the container reports for this request. Behind a
 * proxy that may follow client-supplied Host/forwarding headers; confirm the
 * deployment pins or validates them, since the base URI prefixes the redirect.
 *
 * @return the stored redirect URI, or one derived from the current request
 */
@Override
public String getRedirectUri() {
    String stored = (String) getSession(true).getAttribute(SAML_REDIRECT_URI);
    if (stored != null) {
        return stored;
    }

    // Nothing saved in the session: derive the target from the request itself.
    String contextPath = request.getContextPath();
    String baseUri = KeycloakUriBuilder.fromUri(request.getRequestURL().toString())
            .replacePath(contextPath)
            .build()
            .toString();
    return SamlUtil.getRedirectTo(facade, contextPath, baseUri);
}
/**
 * Sends the SAML AuthnRequest to the IDP's single-sign-on endpoint, unless the
 * request is detected as bearer-only, in which case a bare 401 is returned instead.
 *
 * <p>NOTE(review): {@code isAutodetectedBearerOnly} is defined outside this excerpt;
 * presumably it identifies non-browser/API callers that should receive a 401 rather
 * than be pushed into an interactive login flow. Confirm its criteria.
 *
 * @param httpFacade          facade for the current request and response
 * @param authnRequestBuilder builder that yields the AuthnRequest document
 * @param binding             binding builder passed through to {@code SamlUtil.sendSaml}
 * @throws ProcessingException    declared by the overridden method
 * @throws ConfigurationException declared by the overridden method
 * @throws IOException            declared by the overridden method
 */
@Override
protected void sendAuthnRequest(HttpFacade httpFacade, SAML2AuthnRequestBuilder authnRequestBuilder,
        BaseSAML2BindingBuilder binding) throws ProcessingException, ConfigurationException, IOException {
    if (isAutodetectedBearerOnly(httpFacade.getRequest())) {
        // Answer with 401 and finish the response; no AuthnRequest is built or sent.
        httpFacade.getResponse().setStatus(401);
        httpFacade.getResponse().end();
        return;
    }

    Document authnRequestDocument = authnRequestBuilder.toDocument();
    // Binding and destination URL both come from the deployment's IDP SSO service
    // configuration, not from the incoming request.
    SamlDeployment.Binding requestBinding =
            deployment.getIDP().getSingleSignOnService().getRequestBinding();
    SamlUtil.sendSaml(
            true,
            httpFacade,
            deployment.getIDP().getSingleSignOnService().getRequestBindingUrl(),
            binding,
            authnRequestDocument,
            requestBinding);
}
}; // closes the enclosing declaration, which begins outside this excerpt
SamlUtil.sendSaml(false, facade, deployment.getIDP().getSingleLogoutService().getResponseBindingUrl(), binding, builder.buildDocument(), deployment.getIDP().getSingleLogoutService().getResponseBinding()); } catch (Exception e) {
SamlUtil.sendSaml(true, facade, deployment.getIDP().getSingleLogoutService().getRequestBindingUrl(), binding, logoutBuilder.buildDocument(), deployment.getIDP().getSingleLogoutService().getRequestBinding()); sessionStore.setCurrentAction(SamlSessionStore.CurrentAction.LOGGING_OUT); } catch (Exception e) {