// Excerpt: the opening brace and several intermediate statements are not shown on this page.
// Handles a SAML response object: rejects a reply without assertions, reads the decryption
// key from the request options and publishes an assertion back into the options.
public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
HTTPContext httpContext = (HTTPContext) request.getContext();
// Unchecked cast; presumably the caller only dispatches ResponseType objects here. Verify against the dispatcher.
ResponseType responseType = (ResponseType) request.getSAML2Object();
List<RTChoiceType> assertions = responseType.getAssertions();
// An empty assertion list is rejected with an unchecked IllegalStateException,
// not with the declared ProcessingException.
if (assertions.size() == 0)
    throw new IllegalStateException(ErrorCodes.NULL_VALUE + "No assertions in reply from IDP");
// Private key material is taken from the generic options map. Map.get yields null when the
// option was never set. NOTE(review): confirm the code not shown here checks for null before use.
PrivateKey privateKey = (PrivateKey) request.getOptions().get(GeneralConstants.DECRYPTING_KEY);
// `assertion` is assigned in code that this excerpt does not show.
request.addOption(GeneralConstants.ASSERTION, assertion);
/**
 * Builds the option map that handlers read while processing {@code saml2HandlerRequest}.
 *
 * <p>Nothing is set when no service-provider configuration is available. Otherwise the map
 * carries the configuration, the audit helper (when present), the key material (when a key
 * manager is present) and the signature-support flag.
 *
 * @param saml2HandlerRequest request that receives the option map
 * @throws TrustKeyConfigurationException declared by this method; presumably raised while resolving the IDP key
 * @throws TrustKeyProcessingException declared by this method; presumably raised while resolving the IDP key
 */
protected void setRequestOptions(SAML2HandlerRequest saml2HandlerRequest)
        throws TrustKeyConfigurationException, TrustKeyProcessingException {
    if (spConfiguration == null) {
        return;
    }

    Map<String, Object> options = new HashMap<String, Object>();
    options.put(GeneralConstants.CONFIGURATION, spConfiguration);

    if (auditHelper != null) {
        options.put(GeneralConstants.AUDIT_HELPER, auditHelper);
    }

    if (keyManager != null) {
        // Presumably the key later used to verify the sender's signature; confirm in the consuming handler.
        PublicKey idpKey = getIDPPublicKey();
        options.put(GeneralConstants.SENDER_PUBLIC_KEY, idpKey);
        // NOTE(review): the signing key is published as the decryption key, so one private key
        // serves both purposes. Separate signing and encryption keys are the usual practice;
        // confirm this reuse is intended.
        options.put(GeneralConstants.DECRYPTING_KEY, keyManager.getSigningKey());
    }
    // With no key manager neither key option is set, so readers of SENDER_PUBLIC_KEY or
    // DECRYPTING_KEY get null and have to handle it.

    options.put(GeneralConstants.SUPPORTS_SIGNATURES, this.spConfiguration.isSupportsSignature());
    saml2HandlerRequest.setOptions(options);
}
/**
 * Checks the issuer named in the request against the identity-provider configuration.
 *
 * @param request handler request whose issuer value is checked
 * @param response handler response; not used by this method
 * @param idpConfiguration configuration handed to {@code trustIssuer} together with the issuer
 * @throws ProcessingException declared by this method; presumably raised by {@code trustIssuer}
 *         when the issuer is rejected
 */
public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response,
        IDPType idpConfiguration) throws ProcessingException {
    // The issuer string is taken from the message itself, so it is only a claim until it is checked.
    // NOTE(review): a request without an issuer would fail here with a NullPointerException.
    // NOTE(review): an issuer check alone does not authenticate the message; confirm that
    // signature validation also runs in the handler chain.
    trustIssuer(idpConfiguration, request.getIssuer().getValue());
}
/**
 * Validates the signature of the document carried by {@code request}, unless the
 * {@code IGNORE_SIGNATURES} request option disables the check.
 *
 * @param request handler request holding the options and the document to validate
 * @param response handler response; not used by this method
 * @throws ProcessingException when {@code validateSender} reports the document as invalid
 */
@Override
public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
        throws ProcessingException {
    Map<String, Object> options = request.getOptions();
    Boolean skipValidation = (Boolean) options.get(GeneralConstants.IGNORE_SIGNATURES);
    // Identity comparison: only the canonical Boolean.TRUE instance skips validation.
    // A missing option (null) or any other Boolean instance falls through to the check.
    if (skipValidation == Boolean.TRUE) {
        return;
    }

    Document document = request.getRequestDocument();
    if (trace) {
        // NOTE(review): this writes the complete SAML document to the trace log, which may
        // include assertions and user attributes. Keep trace output access-controlled.
        log.trace("Document for validation=" + DocumentUtil.asString(document));
    }

    // NOTE(review): the key is null when SENDER_PUBLIC_KEY was never set. Confirm that
    // validateSender rejects a null key instead of treating the document as valid.
    PublicKey senderKey = (PublicKey) request.getOptions().get(GeneralConstants.SENDER_PUBLIC_KEY);
    if (!this.validateSender(document, senderKey)) {
        throw constructSignatureException();
    }
}
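/**
 * Resolves the attributes of the authenticated user on the IDP side and caches them in the
 * HTTP session.
 *
 * <p>Logout requests and SP-side handlers are skipped. When the session holds no attribute
 * map yet, the attributes are loaded through the attribute manager, added to the request
 * options and stored in the session.
 *
 * @param request handler request carrying the SAML object and the HTTP context
 * @param response handler response; not used by this method
 * @throws ProcessingException when no HTTP session exists for the current request
 */
@SuppressWarnings("unchecked")
public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response)
        throws ProcessingException {
    // Do not handle log out request interaction
    if (request.getSAML2Object() instanceof LogoutRequestType) {
        return;
    }

    // only handle IDP side
    if (getType() == HANDLER_TYPE.SP) {
        return;
    }

    HTTPContext httpContext = (HTTPContext) request.getContext();
    // getSession(false) never creates a session and returns null when none exists.
    HttpSession session = httpContext.getRequest().getSession(false);
    if (session == null) {
        // Fail with the declared exception instead of a NullPointerException further down.
        throw new ProcessingException("No HTTP session available for attribute lookup");
    }

    Principal userPrincipal = (Principal) session.getAttribute(GeneralConstants.PRINCIPAL_ID);
    if (userPrincipal == null) {
        userPrincipal = httpContext.getRequest().getUserPrincipal();
    }
    // NOTE(review): userPrincipal can still be null for an unauthenticated request. Confirm
    // that the attribute manager handles a null principal.

    Map<String, Object> attribs = (Map<String, Object>) session.getAttribute(GeneralConstants.ATTRIBUTES);
    if (attribs == null) {
        attribs = this.attribManager.getAttributes(userPrincipal, attributeKeys);
        request.addOption(GeneralConstants.ATTRIBUTES, attribs);
        // Cached for the lifetime of the session; later attribute changes are not picked up here.
        session.setAttribute(GeneralConstants.ATTRIBUTES, attribs);
    }
}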
// Excerpt: the page omits statements in the middle of this method (the definition of `isPost`
// and the opening of the try block are not shown).
// Handles an AuthnRequest: rejects a missing request object, decides whether the response
// uses POST binding and copies the relay state onto the response.
public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException {
    HTTPContext httpContext = (HTTPContext) request.getContext();
    ServletContext servletContext = httpContext.getServletContext();
    AuthnRequestType art = (AuthnRequestType) request.getSAML2Object();
    // The logger call produces the exception that is thrown for a missing AuthnRequest.
    if (art == null)
        throw logger.samlHandlerAuthnRequestIsNull();
    // The option counts as set only when it is present and true; a missing option means false.
    boolean strictPostBinding = request.getOptions().get(GeneralConstants.SAML_IDP_STRICT_POST_BINDING) != null
        && (Boolean) request.getOptions().get(GeneralConstants.SAML_IDP_STRICT_POST_BINDING);
    boolean postBindingForResponse = isPost || strictPostBinding;
    // The relay state is copied from the request unchanged. NOTE(review): presumably it is
    // supplied by the remote party; code that later treats it as a URL should validate it first.
    response.setRelayState(request.getRelayState());
    response.setPostBindingForResponse(postBindingForResponse);
} catch (Exception e) {
// Excerpt: the surrounding method and the closing brace of the `if` are not shown.
// Passes the relay state and, when present, the login type on to the handler request.
saml2HandlerRequest.setRelayState(relayState);
if (StringUtil.isNotNull(loginType)) {
    saml2HandlerRequest.addOption(GeneralConstants.LOGIN_TYPE, loginType);
// NOTE(review): if setOptions replaces the option map rather than merging into it, an option
// added before this call would be lost. Confirm the order in the full method.
saml2HandlerRequest.setOptions(requestOptions);
// Excerpt: attaches the prepared option map and the relay state to the handler request.
saml2HandlerRequest.setOptions(options);
saml2HandlerRequest.setRelayState(relayState);
// Excerpt: the `if` that belongs to the `else` below is not shown on this page.
// Adds the context path and the signature-support flag, selects the kind of request to
// generate and lets the handler build it.
saml2HandlerRequest.addOption(GeneralConstants.CONTEXT_PATH, httpContext.getServletContext().getContextPath());
// spConfiguration is dereferenced without a null check in this excerpt.
saml2HandlerRequest.addOption(GeneralConstants.SUPPORTS_SIGNATURES, this.spConfiguration.isSupportsSignature());
    saml2HandlerRequest.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.LOGOUT);
else
    saml2HandlerRequest.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.AUTH);
handler.generateSAMLRequest(saml2HandlerRequest, saml2HandlerResponse);
// Excerpt from a signature-validation handler; the condition guarding the `return` and the
// remainder of the try block are not shown on this page.
Map<String, Object> requestOptions = request.getOptions();
PicketLinkAuditHelper auditHelper = (PicketLinkAuditHelper) requestOptions.get(GeneralConstants.AUDIT_HELPER);
// Option that can switch signature validation off. NOTE(review): presumably the elided guard
// before the `return` tests this value; confirm it defaults to validating when the option is absent.
Boolean ignoreSignatures = (Boolean) requestOptions.get(GeneralConstants.IGNORE_SIGNATURES);
    return;
Document signedDocument = request.getRequestDocument();
// The key is null when SENDER_PUBLIC_KEY was never placed in the options.
PublicKey publicKey = (PublicKey) request.getOptions().get(GeneralConstants.SENDER_PUBLIC_KEY);
try {
    boolean isValid;
    HTTPContext httpContext = (HTTPContext) request.getContext();
    // The HTTP method is compared case-insensitively with "POST".
    boolean isPost = httpContext.getRequest().getMethod().equalsIgnoreCase("POST");
// Excerpt: the opening brace and several statements (including the definition of `isPost`)
// are not shown on this page.
// Handles an AuthnRequest: rejects a missing request object, then copies the relay state and
// the binding choice onto the response.
public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException
HTTPContext httpContext = (HTTPContext) request.getContext();
ServletContext servletContext = httpContext.getServletContext();
AuthnRequestType art = (AuthnRequestType) request.getSAML2Object();
if (art == null)
    throw new ProcessingException(ErrorCodes.NULL_VALUE + "AuthnRequest is null");
// The relay state is copied from the request unchanged. NOTE(review): presumably it is
// supplied by the remote party; code that later treats it as a URL should validate it first.
response.setRelayState(request.getRelayState());
response.setPostBindingForResponse(isPost);
/**
 * Indicates whether this handler supports the specified {@link SAML2HandlerRequest}.
 *
 * @param request the request whose SAML object is inspected
 *
 * @return {@code true} only when this handler runs as an IDP handler and the request carries
 *         an {@code AuthnRequestType}
 */
private boolean supportsRequest(SAML2HandlerRequest request) {
    if (getType() != HANDLER_TYPE.IDP) {
        return false;
    }
    return request.getSAML2Object() instanceof AuthnRequestType;
}
/**
 * Returns the HTTP session that belongs to the given handler request.
 *
 * @param request handler request whose context is an {@code HTTPContext}
 * @return the existing session, or {@code null} when the request has none; a session is never
 *         created here, so callers must handle {@code null}
 */
public static HttpSession getHttpSession(SAML2HandlerRequest request) {
    return ((HTTPContext) request.getContext()).getRequest().getSession(false);
}
}
/**
 * Runs the given handlers over the SAML object held by {@code documentHolder}.
 *
 * @param httpContext HTTP context of the current exchange
 * @param handlers handlers that form the chain
 * @param chainLock lock handed to the chain processor
 * @param documentHolder holder of the parsed SAML object
 * @return the response populated by the handler chain
 * @throws ConfigurationException declared by this method
 * @throws ProcessingException declared by this method
 * @throws TrustKeyConfigurationException declared by this method
 * @throws TrustKeyProcessingException declared by this method
 * @throws IOException declared by this method
 */
private SAML2HandlerResponse processHandlersChain(HTTPContext httpContext, Set<SAML2Handler> handlers,
        Lock chainLock, SAMLDocumentHolder documentHolder) throws ConfigurationException, ProcessingException,
        TrustKeyConfigurationException, TrustKeyProcessingException, IOException {
    // Request and response objects shared by every handler in the chain.
    SAML2HandlerRequest handlerRequest = getSAML2HandlerRequest(documentHolder, httpContext);
    SAML2HandlerResponse handlerResponse = new DefaultSAML2HandlerResponse();
    SAMLHandlerChainProcessor processor = new SAMLHandlerChainProcessor(handlers);

    // Options that the handlers read while processing.
    setRequestOptions(handlerRequest);

    String contextPath = httpContext.getServletContext().getContextPath();
    handlerRequest.addOption(GeneralConstants.CONTEXT_PATH, contextPath);

    // spConfiguration is dereferenced unconditionally here.
    boolean signaturesSupported = this.spConfiguration.isSupportsSignature();
    handlerRequest.addOption(GeneralConstants.SUPPORTS_SIGNATURES, signaturesSupported);

    processor.callHandlerChain(documentHolder.getSamlObject(), handlerRequest, handlerResponse, httpContext,
            chainLock);

    return handlerResponse;
}
/**
 * Decides whether signature validation is skipped for {@code request}.
 *
 * <p>Back-channel logout requests always skip validation. Otherwise the value of the
 * {@code IGNORE_SIGNATURES} option decides, and a missing option means "validate".
 *
 * @param request handler request whose options and type are inspected
 * @return {@code Boolean.TRUE} when the signature is not to be checked, otherwise the
 *         configured value or {@code Boolean.FALSE}
 */
private Boolean isIgnoreSignature(SAML2HandlerRequest request) {
    Boolean configured = (Boolean) request.getOptions().get(GeneralConstants.IGNORE_SIGNATURES);

    //TODO: check signatures for GLO logout requests when using a backchannel
    // NOTE(review): until that TODO is resolved, a back-channel logout request is accepted
    // without signature validation, so its origin is not authenticated by this handler.
    if (SAML2LogOutHandler.isBackChannelLogoutRequest(request)) {
        return Boolean.TRUE;
    }

    return configured == null ? Boolean.FALSE : configured;
}
// Excerpt: the `if` that belongs to the `else` and the body of the trailing `if (trace)` are
// not shown on this page.
// Selects a logout or an authentication request and lets the handler generate it.
    saml2HandlerRequest.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.LOGOUT);
else
    saml2HandlerRequest.setTypeOfRequestToBeGenerated(GENERATE_REQUEST_TYPE.AUTH);
handler.generateSAMLRequest(saml2HandlerRequest, saml2HandlerResponse);
if (trace)
// Excerpt: the page omits statements in the middle of this method (the definition of `isPost`
// and the opening of the try block are not shown).
// Handles an AuthnRequest: rejects a missing request object, decides whether the response
// uses POST binding and copies the relay state onto the response.
public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException {
    HTTPContext httpContext = (HTTPContext) request.getContext();
    ServletContext servletContext = httpContext.getServletContext();
    AuthnRequestType art = (AuthnRequestType) request.getSAML2Object();
    // The logger call produces the exception that is thrown for a missing AuthnRequest.
    if (art == null)
        throw logger.samlHandlerAuthnRequestIsNull();
    // The option counts as set only when it is present and true; a missing option means false.
    boolean strictPostBinding = request.getOptions().get(GeneralConstants.SAML_IDP_STRICT_POST_BINDING) != null
        && (Boolean) request.getOptions().get(GeneralConstants.SAML_IDP_STRICT_POST_BINDING);
    boolean postBindingForResponse = isPost || strictPostBinding;
    // The relay state is copied from the request unchanged. NOTE(review): presumably it is
    // supplied by the remote party; code that later treats it as a URL should validate it first.
    response.setRelayState(request.getRelayState());
    response.setPostBindingForResponse(postBindingForResponse);
} catch (Exception e) {
// Excerpt: the surrounding method and the closing brace of the `if` are not shown.
// Passes the relay state and, when present, the login type on to the handler request.
saml2HandlerRequest.setRelayState(relayState);
if (StringUtil.isNotNull(loginType)) {
    saml2HandlerRequest.addOption(GeneralConstants.LOGIN_TYPE, loginType);
// NOTE(review): if setOptions replaces the option map rather than merging into it, an option
// added before this call would be lost. Confirm the order in the full method.
saml2HandlerRequest.setOptions(requestOptions);
// Excerpt: attaches the prepared option map and the relay state to the handler request.
saml2HandlerRequest.setOptions(options);
saml2HandlerRequest.setRelayState(relayState);