if (endpointCtx == null || endpointCtx.getEndpoint() == null || (endpointCtx.getEndpoint().getLocation() == null && endpointCtx.getEndpoint().getResponseLocation() == null)) { log.debug("No SAMLEndpointContext or endpoint location available, error must be handled locally"); return true;
decodedCtx.getSAMLEndpointContext().setEndpoint(acsService); decodedCtx.getSAMLSelfEndpointContext().setEndpoint(context.getSAMLSelfEndpointContext().getEndpoint()); decodedCtx.getSAMLSelfEntityContext().setRole(context.getSAMLSelfEntityContext().getRole());
endpointContext.setEndpoint(resolvedEndpoint);
/** * Prepare peer entity saml endpoint. * * @param request the authn request * @param outboundContext the outbound context * @param adaptor the adaptor * @param binding the binding * @throws SamlException the saml exception */ public static void preparePeerEntitySamlEndpointContext(final RequestAbstractType request, final MessageContext outboundContext, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final String binding) throws SamlException { val entityId = adaptor.getEntityId(); if (!adaptor.containsAssertionConsumerServices()) { throw new SamlException("No assertion consumer service could be found for entity " + entityId); } val peerEntityContext = outboundContext.getSubcontext(SAMLPeerEntityContext.class, true); if (peerEntityContext == null) { throw new SamlException("SAMLPeerEntityContext could not be defined for entity " + entityId); } peerEntityContext.setEntityId(entityId); val endpointContext = peerEntityContext.getSubcontext(SAMLEndpointContext.class, true); if (endpointContext == null) { throw new SamlException("SAMLEndpointContext could not be defined for entity " + entityId); } val endpoint = determineEndpointForRequest(request, adaptor, binding); LOGGER.debug("Configured peer entity endpoint to be [{}] with binding [{}]", endpoint.getLocation(), endpoint.getBinding()); endpointContext.setEndpoint(endpoint); }
outboundContext.getSAMLEndpointContext().setEndpoint(acsService); outboundContext.getSAMLPeerEndpointContext().setEndpoint(getEndpoint(context));
return false; } else { final Endpoint endpoint = context.getSAMLEndpointContext().getEndpoint(); if (endpoint == null) { logger.warn("No endpoint was found in the SAML endpoint context");
protected void verifyRequest(final AuthnRequest request, final SAML2MessageContext context) { // Verify endpoint requested in the original request final AssertionConsumerService assertionConsumerService = (AssertionConsumerService) context.getSAMLEndpointContext() .getEndpoint(); if (request.getAssertionConsumerServiceIndex() != null) { if (!request.getAssertionConsumerServiceIndex().equals(assertionConsumerService.getIndex())) { logger.warn("Response was received at a different endpoint index than was requested"); } } else { final String requestedResponseURL = request.getAssertionConsumerServiceURL(); final String requestedBinding = request.getProtocolBinding(); if (requestedResponseURL != null) { final String responseLocation; if (assertionConsumerService.getResponseLocation() != null) { responseLocation = assertionConsumerService.getResponseLocation(); } else { responseLocation = assertionConsumerService.getLocation(); } if (!requestedResponseURL.equals(responseLocation)) { logger.warn("Response was received at a different endpoint URL {} than was requested {}", responseLocation, requestedResponseURL); } } if (requestedBinding != null && !requestedBinding.equals(context.getSAMLBindingContext().getBindingUri())) { logger.warn("Response was received using a different binding {} than was requested {}", context.getSAMLBindingContext().getBindingUri(), requestedBinding); } } }
final Endpoint endpoint = endpointContext.getEndpoint(); if (endpoint == null) { throw new BindingException("Endpoint for relying party was null.");
verifyEndpoint(context.getSAMLEndpointContext().getEndpoint(), response.getDestination()); if (request != null) { verifyRequest(request, context);