/** {@inheritDoc} */
@Override
protected void doInvoke(MessageContext messageContext) throws MessageHandlerException {
    // Stamp the configured SAML protocol onto the message context. The second
    // argument (true) asks for the subcontext to be created when it is absent.
    final SAMLProtocolContext protocolContext =
            messageContext.getSubcontext(SAMLProtocolContext.class, true);
    protocolContext.setProtocol(samlProtocol);

    // Stamp the configured role onto the entity context of the configured class.
    // Both values come from this handler's own fields, not from the message.
    messageContext.getSubcontext(entityContextClass, true).setRole(peerRole);
}
/** {@inheritDoc} */
@Override
@Nullable
public String apply(@Nullable final SAMLProtocolContext input) {
    // Null-tolerant lookup: a missing context yields a null protocol, so callers
    // must treat null as "protocol unknown" rather than as a usable value.
    return input == null ? null : input.getProtocol();
}
// Carry the protocol recorded on the current context over to the outbound context.
outboundContext.getSAMLProtocolContext().setProtocol(context.getSAMLProtocolContext().getProtocol());
// Attach the signing parameters built for spDescriptor to the outbound security parameters.
// NOTE(review): the provider's result is handed over unchecked; whether build() can return
// null (which would leave the outbound message without signing parameters) is not visible
// in this excerpt — confirm against the provider.
outboundContext.getSecurityParametersContext()
        .setSignatureSigningParameters(this.signatureSigningParametersProvider.build(spDescriptor));
/**
 * Fills in the profile- and protocol-related parts of the SAML message context.
 *
 * <p>Sets the outbound message context on the profile request context, fixes the
 * protocol to {@code SAMLConstants.SAML20P_NS}, sets the profile id to
 * {@code SAML2_WEBSSO_PROFILE_URI} and, when a message storage factory is
 * configured, attaches a message storage obtained from it.
 *
 * @param webContext the web context passed to the outbound-context builder and to the storage factory
 * @param context the SAML message context being populated
 */
protected final void addTransportContext(final WebContext webContext, final SAML2MessageContext context) {
    final ProfileRequestContext outboundProfile = context.getProfileRequestContext();
    outboundProfile.setOutboundMessageContext(prepareOutboundMessageContext(webContext));

    context.getSAMLProtocolContext().setProtocol(SAMLConstants.SAML20P_NS);

    final ProfileRequestContext profileRequest = context.getProfileRequestContext();
    profileRequest.setProfileId(SAML2_WEBSSO_PROFILE_URI);

    // No factory configured: the context is left without a message storage.
    // NOTE(review): what relies on that storage later is outside this block — confirm
    // that running without it is an intended configuration.
    if (this.samlMessageStorageFactory == null) {
        return;
    }
    logger.debug("Creating message storage by {}", this.samlMessageStorageFactory.getClass().getName());
    context.setSAMLMessageStorage(this.samlMessageStorageFactory.getMessageStorage(webContext));
}
/** {@inheritDoc} */
@Override
protected boolean doPreInvoke(@Nonnull final MessageContext messageContext) throws MessageHandlerException {
    // Honour the parent's decision to skip this handler.
    if (!super.doPreInvoke(messageContext)) {
        return false;
    }

    // Fail closed: the handler refuses to run unless the peer entity context
    // exists and carries a role.
    peerContext = messageContext.getSubcontext(SAMLPeerEntityContext.class);
    final boolean peerUsable = peerContext != null && peerContext.getRole() != null;
    if (!peerUsable) {
        throw new MessageHandlerException("SAMLPeerEntityContext was missing or unpopulated");
    }

    // Same rule for the protocol context: it must exist and name a protocol.
    samlProtocolContext = messageContext.getSubcontext(SAMLProtocolContext.class);
    final boolean protocolUsable = samlProtocolContext != null && samlProtocolContext.getProtocol() != null;
    if (!protocolUsable) {
        throw new MessageHandlerException("SAMLProtocolContext was missing or unpopulated");
    }

    return true;
}
// Record the peer's role as the element QName of its role descriptor.
peer.setRole(roleDescriptor.getElementQName());
// Look up the protocol subcontext (second argument true: presumably create-if-absent — confirm)
// and fix the protocol to the SAML 2.0 protocol namespace constant.
val protocol = context.getSubcontext(SAMLProtocolContext.class, true);
protocol.setProtocol(SAMLConstants.SAML20P_NS);
/** {@inheritDoc} */
@Override
@Nonnull
protected CriteriaSet buildCriteriaSet(@Nullable final String entityID,
        @Nonnull final MessageContext messageContext) throws MessageHandlerException {
    // Start from the parent's criteria and add role and protocol on top.
    final CriteriaSet criteria = super.buildCriteriaSet(entityID, messageContext);

    try {
        log.trace("Attempting to build criteria based on contents of entity contxt class of type: {}",
                entityContextClass.getName());

        // The entity context and its role are mandatory; a missing value aborts
        // criteria construction instead of producing a weaker criteria set.
        final AbstractAuthenticatableSAMLEntityContext entityCtx =
                messageContext.getSubcontext(entityContextClass);
        Constraint.isNotNull(entityCtx, "Required authenticatable SAML entity context was not present "
                + "in message context: " + entityContextClass.getName());
        Constraint.isNotNull(entityCtx.getRole(), "SAML entity role was null");
        criteria.add(new EntityRoleCriterion(entityCtx.getRole()));

        // Likewise the protocol context and its protocol value.
        final SAMLProtocolContext protocolCtx = messageContext.getSubcontext(SAMLProtocolContext.class);
        Constraint.isNotNull(protocolCtx, "SAMLProtocolContext was null");
        Constraint.isNotNull(protocolCtx.getProtocol(), "SAML protocol was null");
        criteria.add(new ProtocolCriterion(protocolCtx.getProtocol()));
    } catch (final ConstraintViolationException violation) {
        // Surface constraint failures as the handler's checked exception, keeping the cause.
        throw new MessageHandlerException(violation);
    }

    return criteria;
}
/** {@inheritDoc} */
@Override
protected void doDecode() throws MessageDecodingException {
    final HttpServletRequest httpRequest = getHttpServletRequest();
    if (httpRequest == null) {
        throw new MessageDecodingException("Unable to locate HttpServletRequest");
    }

    // Principal, requester id, index and protocol are all read from the servlet
    // request by helpers that are not part of this block; any validation of those
    // caller-supplied values happens (or not) inside those helpers.
    final ResolverTestRequest testRequest = new ResolverTestRequest(
            getPrincipal(httpRequest),
            getRequesterId(httpRequest),
            getIndex(httpRequest),
            getProtocol(httpRequest));

    final MessageContext<ResolverTestRequest> decoded = new MessageContext<>();
    decoded.setMessage(testRequest);
    setMessageContext(decoded);

    // The peer is always tagged with the SP SSO role; its entity id is the
    // requester id taken from the request.
    final SAMLPeerEntityContext peer = new SAMLPeerEntityContext();
    peer.setRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    peer.setEntityId(testRequest.getRequesterId());
    decoded.addSubcontext(peer, true);

    // A protocol context is only created when the request named a protocol.
    if (testRequest.getProtocol() == null) {
        return;
    }
    decoded.getSubcontext(SAMLProtocolContext.class, true).setProtocol(testRequest.getProtocol());
}
/** {@inheritDoc} */
@Override
@Nonnull
protected CriteriaSet buildCriteriaSet(@Nullable final String entityID,
        @Nonnull final MessageContext messageContext) throws MessageHandlerException {
    final CriteriaSet criteria = new CriteriaSet();

    // The entity id is optional; role, protocol and signing usage are always added.
    if (!Strings.isNullOrEmpty(entityID)) {
        criteria.add(new EntityIdCriterion(entityID));
    }
    criteria.add(new EntityRoleCriterion(peerContext.getRole()));
    criteria.add(new ProtocolCriterion(samlProtocolContext.getProtocol()));
    // Restrict the lookup to signing usage.
    criteria.add(new UsageCriterion(UsageType.SIGNING));

    // Signature validation parameters are passed along only when the message
    // context actually carries them.
    final SecurityParametersContext securityParameters =
            messageContext.getSubcontext(SecurityParametersContext.class);
    if (securityParameters == null || securityParameters.getSignatureValidationParameters() == null) {
        return criteria;
    }
    criteria.add(
            new SignatureValidationParametersCriterion(securityParameters.getSignatureValidationParameters()));
    return criteria;
}
/** {@inheritDoc} */
@Override
protected void doDecode() throws MessageDecodingException {
    final HttpServletRequest httpRequest = getHttpServletRequest();
    if (httpRequest == null) {
        throw new MessageDecodingException("Unable to locate HttpServletRequest");
    }

    // Entity id and protocol are read from the servlet request by helpers that
    // are not part of this block; any validation of those caller-supplied
    // values happens (or not) inside those helpers.
    final MetadataQueryRequest query = new MetadataQueryRequest();
    query.setEntityID(getEntityID(httpRequest));
    query.setProtocol(getProtocol(httpRequest));

    final MessageContext<MetadataQueryRequest> decoded = new MessageContext<>();
    decoded.setMessage(query);
    setMessageContext(decoded);

    // The peer is always tagged with the SP SSO role; its entity id is the one
    // taken from the request.
    final SAMLPeerEntityContext peer = new SAMLPeerEntityContext();
    peer.setRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    peer.setEntityId(query.getEntityID());
    decoded.addSubcontext(peer, true);

    // A protocol context is only created when the request named a protocol.
    if (query.getProtocol() == null) {
        return;
    }
    decoded.getSubcontext(SAMLProtocolContext.class, true).setProtocol(query.getProtocol());
}
/**
 * Assemble the criteria that will be handed to the trust engine.
 *
 * <p>The set always contains the peer role, the SAML protocol and the
 * {@code SIGNING} usage; the entity ID is added only when it is non-empty, and
 * the signature validation parameters only when the message context carries them.
 *
 * @param entityID the candidate issuer entity ID under evaluation, may be null or empty
 * @param messageContext the message context under evaluation
 * @return a newly constructed criteria set for the configured trust engine
 * @throws MessageHandlerException if the criteria set cannot be constructed
 */
@Nonnull
protected CriteriaSet buildCriteriaSet(@Nullable final String entityID,
        @Nonnull final MessageContext messageContext) throws MessageHandlerException {
    final CriteriaSet criteria = new CriteriaSet();

    final boolean hasEntityId = !Strings.isNullOrEmpty(entityID);
    if (hasEntityId) {
        criteria.add(new EntityIdCriterion(entityID));
    }

    // peerContext and samlProtocolContext are fields of the enclosing class;
    // this method dereferences them without a null check of its own.
    criteria.add(new EntityRoleCriterion(peerContext.getRole()));
    criteria.add(new ProtocolCriterion(samlProtocolContext.getProtocol()));
    // Restrict the lookup to signing usage.
    criteria.add(new UsageCriterion(UsageType.SIGNING));

    final SecurityParametersContext securityParameters =
            messageContext.getSubcontext(SecurityParametersContext.class);
    final boolean hasValidationParameters =
            securityParameters != null && securityParameters.getSignatureValidationParameters() != null;
    if (hasValidationParameters) {
        criteria.add(
                new SignatureValidationParametersCriterion(securityParameters.getSignatureValidationParameters()));
    }

    return criteria;
}
// Fix the protocol on the self protocol context to the SAML 2.0 protocol namespace constant.
context.getSAMLSelfProtocolContext().setProtocol(SAMLConstants.SAML20P_NS);
// NOTE(review): identical to the statement above; whether both sit on one code path or
// belong to two separate methods is not visible in this excerpt — confirm before
// treating the second call as redundant.
context.getSAMLSelfProtocolContext().setProtocol(SAMLConstants.SAML20P_NS);
// Build a protocol criterion only when a protocol context is present and names a protocol;
// otherwise protocolCriterion is not assigned by this statement.
if (protocolCtx != null && protocolCtx.getProtocol() != null) {
    protocolCriterion = new ProtocolCriterion(protocolCtx.getProtocol());
/** {@inheritDoc} */
@Override
protected boolean doPreInvoke(@Nonnull final MessageContext messageContext) throws MessageHandlerException {
    // Honour the parent's decision to skip this handler.
    if (!super.doPreInvoke(messageContext)) {
        return false;
    }

    // Fail closed: the handler refuses to run unless the peer entity context
    // exists and carries a role.
    peerContext = messageContext.getSubcontext(SAMLPeerEntityContext.class);
    final boolean peerUsable = peerContext != null && peerContext.getRole() != null;
    if (!peerUsable) {
        throw new MessageHandlerException("SAMLPeerEntityContext was missing or unpopulated");
    }

    // Same rule for the protocol context: it must exist and name a protocol.
    samlProtocolContext = messageContext.getSubcontext(SAMLProtocolContext.class);
    final boolean protocolUsable = samlProtocolContext != null && samlProtocolContext.getProtocol() != null;
    if (!protocolUsable) {
        throw new MessageHandlerException("SAMLProtocolContext was missing or unpopulated");
    }

    // A signature trust engine is mandatory as well; every link in the chain
    // (context, validation parameters, engine) is checked before the engine is stored.
    final SecurityParametersContext securityParameters =
            messageContext.getSubcontext(SecurityParametersContext.class);
    if (securityParameters == null
            || securityParameters.getSignatureValidationParameters() == null
            || securityParameters.getSignatureValidationParameters().getSignatureTrustEngine() == null) {
        throw new MessageHandlerException("No SignatureTrustEngine was available from the MessageContext");
    }
    trustEngine = securityParameters.getSignatureValidationParameters().getSignatureTrustEngine();

    return true;
}