/**
 * {@inheritDoc}
 *
 * <p>Creates a new outbound {@link MessageContext}, installs it on the profile request context and
 * fills it with the self entity ID, the peer entity ID and, when the {@code peerEntityCtx} field
 * carries one, a copy of the peer's SAML metadata (entity descriptor, role descriptor and
 * attribute consuming service).</p>
 *
 * @param profileRequestContext the profile request context that receives the outbound message context
 */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
    final MessageContext outbound = new MessageContext();
    profileRequestContext.setOutboundMessageContext(outbound);

    // Self entity: the ID is whatever the configured lookup strategy returns for this request.
    outbound.getSubcontext(SAMLSelfEntityContext.class, true)
            .setEntityId(selfIdentityLookupStrategy.apply(profileRequestContext));

    // Peer entity: the ID is taken unchanged from the peerEntityCtx field.
    final SAMLPeerEntityContext outboundPeer = outbound.getSubcontext(SAMLPeerEntityContext.class, true);
    outboundPeer.setEntityId(peerEntityCtx.getEntityId());

    // The descriptors are copied by reference, not re-resolved: the outbound side carries exactly
    // the metadata that was attached to peerEntityCtx.
    final SAMLMetadataContext sourceMetadata = peerEntityCtx.getSubcontext(SAMLMetadataContext.class);
    if (sourceMetadata != null) {
        final SAMLMetadataContext targetMetadata =
                outboundPeer.getSubcontext(SAMLMetadataContext.class, true);
        targetMetadata.setEntityDescriptor(sourceMetadata.getEntityDescriptor());
        targetMetadata.setRoleDescriptor(sourceMetadata.getRoleDescriptor());

        final AttributeConsumingServiceContext sourceAcs =
                sourceMetadata.getSubcontext(AttributeConsumingServiceContext.class);
        if (sourceAcs != null) {
            final AttributeConsumingServiceContext targetAcs =
                    targetMetadata.getSubcontext(AttributeConsumingServiceContext.class, true);
            targetAcs.setAttributeConsumingService(sourceAcs.getAttributeConsumingService());
        }
    }

    log.debug("{} Initialized outbound message context", getLogPrefix());
}
}
/**
 * Builds a {@link SAMLMetadataContext} for the CAS service of this request and installs it as the
 * relying party's ID context tree.
 *
 * <p>When the service has no entity descriptor of its own, a {@code ServiceEntityDescriptor} is
 * constructed from the service instead, so the resulting context always carries a non-null entity
 * descriptor. NOTE(review): code that treats "entity descriptor present" as evidence of resolved
 * metadata should confirm how it handles this constructed descriptor.</p>
 *
 * @param springRequestContext the Spring Web Flow request context (not read here)
 * @param profileRequestContext the profile request context holding the {@code RelyingPartyContext}
 * @return always {@code null}
 * @throws IllegalStateException if the profile request context has no {@code RelyingPartyContext}
 */
@Override
protected Event doExecute(
        final @Nonnull RequestContext springRequestContext,
        final @Nonnull ProfileRequestContext profileRequestContext) {

    final RelyingPartyContext relyingParty =
            profileRequestContext.getSubcontext(RelyingPartyContext.class, false);
    if (null == relyingParty) {
        throw new IllegalStateException("RelyingPartyContext not found");
    }

    final SAMLMetadataContext metadata = new SAMLMetadataContext();
    final Service casService = getCASService(profileRequestContext);

    // Prefer the descriptor the service already carries; otherwise wrap the service itself.
    final EntityDescriptor descriptor;
    if (casService.getEntityDescriptor() == null) {
        descriptor = new ServiceEntityDescriptor(casService);
    } else {
        descriptor = casService.getEntityDescriptor();
    }

    metadata.setEntityDescriptor(descriptor);
    relyingParty.setRelyingPartyIdContextTree(metadata);
    return null;
}
}
/**
 * {@inheritDoc}
 *
 * <p>Looks up the {@link SAMLMetadataContext} for this request and caches its entity descriptor in
 * the {@code entityDescriptor} field. Execution is declined ({@code false}) when the superclass
 * declines, when no metadata context is found, or when it has no entity descriptor.</p>
 *
 * <p>{@code spSSODescriptor} and {@code acsDesriptor} are assigned only when the corresponding
 * data is present; otherwise they keep whatever value they already had. NOTE(review): if an
 * instance is ever reused across requests, a value from an earlier run would remain — confirm
 * the lifecycle.</p>
 *
 * @param profileRequestContext the current profile request context
 * @return {@code true} if an entity descriptor was found and execution should proceed
 */
@Override
protected boolean doPreExecute(final ProfileRequestContext profileRequestContext) {
    if (!super.doPreExecute(profileRequestContext)) {
        return false;
    }

    final SAMLMetadataContext mdCtx = metadataContextLookupStrategy.apply(profileRequestContext);
    if (mdCtx == null) {
        return false;
    }

    entityDescriptor = mdCtx.getEntityDescriptor();
    if (entityDescriptor == null) {
        return false;
    }

    // Only an SP SSO role is remembered; any other role type is ignored without error.
    final RoleDescriptor role = mdCtx.getRoleDescriptor();
    if (role instanceof SPSSODescriptor) {
        spSSODescriptor = (SPSSODescriptor) role;
    }

    final AttributeConsumingServiceContext consumingCtx =
            mdCtx.getSubcontext(AttributeConsumingServiceContext.class);
    if (consumingCtx != null) {
        acsDesriptor = consumingCtx.getAttributeConsumingService();
    }
    return true;
}
roleDescriptor = samlMetadataContext.getRoleDescriptor(); if (roleDescriptor == null) { log.debug("No RoleDescriptor was available, skipping further delegation processing"); samlMetadataContext.getSubcontext(AttributeConsumingServiceContext.class); if (acsContext != null) { attributeConsumingService = acsContext.getAttributeConsumingService();
// Record the entity and the role on the metadata context. Where the two descriptors come from
// is not visible in this excerpt.
metadataContext.setEntityDescriptor(entityDescriptor);
metadataContext.setRoleDescriptor(roleDescriptor);
// Build a fresh metadata context from a role descriptor and its parent element.
final SAMLMetadataContext metadataCtx = new SAMLMetadataContext();
// The parent is cast without an instanceof check: a parent of another type raises
// ClassCastException, and a null parent is stored as a null entity descriptor.
// NOTE(review): presumably roleMetadata is always a direct child of an EntityDescriptor — confirm.
metadataCtx.setEntityDescriptor((EntityDescriptor) roleMetadata.getParent());
metadataCtx.setRoleDescriptor(roleMetadata);
/**
 * Returns the role descriptor of the SAML self metadata context as an {@link SPSSODescriptor}.
 *
 * <p>No type check precedes the cast, so a role descriptor of any other type results in a
 * {@link ClassCastException}; a {@code null} role descriptor is returned as {@code null}.</p>
 *
 * @return the self entity's SP SSO descriptor, or {@code null} if no role descriptor is set
 */
public final SPSSODescriptor getSPSSODescriptor() {
    return (SPSSODescriptor) getSAMLSelfMetadataContext().getRoleDescriptor();
}
decodedCtx.getSAMLEndpointContext().setEndpoint(acsService); final EntityDescriptor metadata = context.getSAMLPeerMetadataContext().getEntityDescriptor(); if (metadata == null) { throw new SAMLException("IDP Metadata cannot be null"); decodedCtx.getSAMLSelfMetadataContext().setRoleDescriptor(context.getSPSSODescriptor());
/**
 * {@inheritDoc}
 *
 * <p>Extracts the entity descriptor from a metadata context.</p>
 *
 * @param input the metadata context, may be {@code null}
 * @return the context's entity descriptor, or {@code null} when {@code input} is {@code null}
 */
@Override
@Nullable
public EntityDescriptor apply(@Nullable SAMLMetadataContext input) {
    return input == null ? null : input.getEntityDescriptor();
}
// The parent of the role descriptor is cast without an instanceof check: a parent of another
// type raises ClassCastException, and a null parent is stored as a null entity descriptor.
// NOTE(review): presumably roleMetadata is always a direct child of an EntityDescriptor — confirm.
metadataCtx.setEntityDescriptor((EntityDescriptor) roleMetadata.getParent());
metadataCtx.setRoleDescriptor(roleMetadata);
/**
 * Returns the role descriptor of the SAML peer metadata context as an {@link IDPSSODescriptor}.
 *
 * <p>No type check precedes the cast, so a role descriptor of any other type results in a
 * {@link ClassCastException}; a {@code null} role descriptor is returned as {@code null}.</p>
 *
 * @return the peer entity's IdP SSO descriptor, or {@code null} if no role descriptor is set
 */
public final IDPSSODescriptor getIDPSSODescriptor() {
    return (IDPSSODescriptor) getSAMLPeerMetadataContext().getRoleDescriptor();
}
log.debug("{} No metadata context found, nothing to do", getLogPrefix()); return; } else if (!(metadataContext.getRoleDescriptor() instanceof SPSSODescriptor)) { log.debug("{} Metadata context did not contain an SPSSODescriptor, nothing to do", getLogPrefix()); return; final SPSSODescriptor ssoDescriptor = (SPSSODescriptor) metadataContext.getRoleDescriptor(); metadataContext.getSubcontext( AttributeConsumingServiceContext.class, true).setAttributeConsumingService(acs); } else {
/**
 * {@inheritDoc}
 *
 * <p>Reports whether the relying party's ID context tree is a SAML peer or self entity context
 * whose {@link SAMLMetadataContext} holds a non-null entity descriptor.</p>
 *
 * <p>The test is presence only: nothing here inspects the descriptor's content or how it was
 * obtained. NOTE(review): callers using this result for a trust decision should confirm that
 * every code path populating the context tree attaches only vetted metadata.</p>
 *
 * @param input the relying party context, may be {@code null}
 * @return {@code true} if an entity descriptor is present as described above, otherwise {@code false}
 */
@Override
@Nullable
public Boolean apply(@Nullable final RelyingPartyContext input) {
    if (input == null) {
        return false;
    }

    final BaseContext tree = input.getRelyingPartyIdContextTree();
    if (tree == null) {
        return false;
    }

    // Any other context type at the root of the tree is treated as "no metadata".
    final boolean samlEntityContext =
            tree instanceof SAMLPeerEntityContext || tree instanceof SAMLSelfEntityContext;
    if (!samlEntityContext) {
        return false;
    }

    final SAMLMetadataContext metadata = tree.getSubcontext(SAMLMetadataContext.class);
    if (metadata == null) {
        return false;
    }
    return metadata.getEntityDescriptor() != null;
}
// Get (creating it if absent) the metadata subcontext under the outbound peer context, then copy
// the inbound entity and role descriptors into it by reference; nothing is re-resolved here.
final SAMLMetadataContext outboundMetadataCtx = peerContext.getSubcontext(SAMLMetadataContext.class, true);
outboundMetadataCtx.setEntityDescriptor(inboundMetadataCtx.getEntityDescriptor());
outboundMetadataCtx.setRoleDescriptor(inboundMetadataCtx.getRoleDescriptor());
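/**
 * Resolves the entity named by {@code entityId} through {@code this.metadata} and attaches the
 * entity descriptor, together with its first matching role descriptor, to a
 * {@link SAMLMetadataContext} under {@code parentContext} (created if absent).
 *
 * @param entityId resolver supplying the entity ID to look up
 * @param parentContext context that receives the {@link SAMLMetadataContext} subcontext
 * @param elementName element name of the role descriptor to select
 * @throws SAMLException if the entity is not found, if it has no role of the requested type for
 *         the SAML 2.0 protocol, or if the metadata lookup fails
 */
protected final void addContext(final SAML2MetadataResolver entityId, final BaseContext parentContext,
        final QName elementName) {
    final EntityDescriptor entityDescriptor;
    final RoleDescriptor roleDescriptor;
    try {
        // Read the ID once so the lookup and both error messages refer to the same value.
        final String id = entityId.getEntityId();

        final CriteriaSet set = new CriteriaSet();
        set.add(new EntityIdCriterion(id));
        entityDescriptor = this.metadata.resolveSingle(set);
        if (entityDescriptor == null) {
            throw new SAMLException("Cannot find entity " + id + " in metadata provider");
        }

        // Only the first role descriptor of the requested type is used; any further ones in the
        // same entity descriptor are ignored.
        final List<RoleDescriptor> list = entityDescriptor.getRoleDescriptors(elementName,
                SAMLConstants.SAML20P_NS);
        roleDescriptor = CommonHelper.isNotEmpty(list) ? list.get(0) : null;
        if (roleDescriptor == null) {
            // Report the entity ID, as the message above does, rather than the resolver object.
            throw new SAMLException("Cannot find entity " + id + " or role " + elementName
                    + " in metadata provider");
        }
    } catch (final ResolverException e) {
        throw new SAMLException("An error occured while getting IDP descriptors", e);
    }

    final SAMLMetadataContext mdCtx = parentContext.getSubcontext(SAMLMetadataContext.class, true);
    mdCtx.setEntityDescriptor(entityDescriptor);
    mdCtx.setRoleDescriptor(roleDescriptor);
}
}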
/**
 * Creates a {@link SAMLMetadataContext} holding a {@code ClientEntityDescriptor} built from the
 * relying party ID and installs it as the relying party's ID context tree.
 *
 * <p>The descriptor is constructed from the ID alone; no metadata lookup happens here. The ID is
 * rejected only when it is {@code null}, although the error text says "blank".
 * NOTE(review): confirm that an empty ID cannot reach this point. The debug message is logged
 * before the descriptor is constructed and includes the relying party ID.</p>
 *
 * @param springRequestContext the Spring Web Flow request context (not read here)
 * @param profileRequestContext the profile request context holding the {@code RelyingPartyContext}
 * @return the success event for this action
 * @throws OIDCException if the relying party context or its ID is missing
 */
@Nonnull
@Override
protected Event doExecute(@Nonnull final RequestContext springRequestContext,
        @Nonnull final ProfileRequestContext profileRequestContext) {

    final RelyingPartyContext relyingParty =
            profileRequestContext.getSubcontext(RelyingPartyContext.class, false);
    if (null == relyingParty) {
        throw new OIDCException("Relying party context not found in the profile request");
    }
    if (null == relyingParty.getRelyingPartyId()) {
        throw new OIDCException("Relying party id is blank");
    }

    final SAMLMetadataContext metadata = new SAMLMetadataContext();
    log.debug("Created client entity descriptor for {}", relyingParty.getRelyingPartyId());
    metadata.setEntityDescriptor(new ClientEntityDescriptor(relyingParty.getRelyingPartyId()));
    relyingParty.setRelyingPartyIdContextTree(metadata);

    return Events.Success.event(this);
}
}
/**
 * {@inheritDoc}
 *
 * <p>Finds the peer's SSO role descriptor by walking from the inbound message context to its
 * {@code SAMLPeerEntityContext} and then to that context's {@link SAMLMetadataContext}. Each
 * missing step is logged at debug level and yields {@code null}.</p>
 *
 * @param input the profile request context, may be {@code null}
 * @return the peer's role descriptor when it is an {@link SSODescriptor}, otherwise {@code null}
 */
@Override
@Nullable
public SSODescriptor apply(@Nullable final ProfileRequestContext input) {
    if (input == null || input.getInboundMessageContext() == null) {
        log.debug("No inbound message context available");
        return null;
    }

    final SAMLPeerEntityContext peer =
            input.getInboundMessageContext().getSubcontext(SAMLPeerEntityContext.class);
    if (peer == null) {
        log.debug("No SAMLPeerEntityContext available");
        return null;
    }

    final SAMLMetadataContext metadata = peer.getSubcontext(SAMLMetadataContext.class);
    // A role descriptor of any non-SSO type is handled exactly like a missing one.
    if (metadata != null && metadata.getRoleDescriptor() != null
            && metadata.getRoleDescriptor() instanceof SSODescriptor) {
        return (SSODescriptor) metadata.getRoleDescriptor();
    }

    log.debug("No SAMLMetadataContext or SSODescriptor role available");
    return null;
}
}
if (metadataContext == null || metadataContext.getRoleDescriptor() == null) { log.warn("SAMLPeerContext did not contain either a SAMLMetadataContext or a RoleDescriptor, " + "unable to evaluate rule"); if (!(metadataContext.getRoleDescriptor() instanceof SPSSODescriptor)) { log.warn("RoleDescriptor was not an SPSSODescriptor, it was a {}. Unable to evaluate rule", metadataContext.getRoleDescriptor().getClass().getName()); return; SPSSODescriptor spssoRole = (SPSSODescriptor) metadataContext.getRoleDescriptor();
if (metadataCtx != null && metadataCtx.getRoleDescriptor() != null) { log.debug("{} Adding metadata to resolution criteria for signing/digest algorithms", getLogPrefix()); criteria.add(new RoleDescriptorCriterion(metadataCtx.getRoleDescriptor()));
if (metadataCtx != null && metadataCtx.getRoleDescriptor() != null) { log.debug("{} Adding role metadata to resolution criteria", getLogPrefix()); criteria.add(new RoleDescriptorCriterion(metadataCtx.getRoleDescriptor()));