/**
 * Signs the outgoing SAML document according to the binding chosen for the response.
 *
 * <p>Nothing is signed when {@code isSupportsSignature(request)} is false; the method then
 * returns normally, so a normal return is not proof that a signature was applied.
 *
 * <p>For the POST binding the document is signed through {@code signPost}. For the REDIRECT
 * binding the signature is carried in a query string built by {@code signRedirect}, which is
 * stored on the response.
 *
 * @param samlDocument the document to sign
 * @param request the handler request, used only to decide whether signing applies
 * @param response the handler response; supplies the binding type, relay state and
 *        send-request flag, and receives the signed query string on the REDIRECT path
 * @throws ProcessingException if no key pair is configured in the handler chain config
 */
private void sign(Document samlDocument, SAML2HandlerRequest request, SAML2HandlerResponse response)
        throws ProcessingException {
    if (!isSupportsSignature(request)) {
        return;
    }

    // Both signing parameters come from the handler chain configuration.
    final KeyPair signingKeys = (KeyPair) this.handlerChainConfig.getParameter(GeneralConstants.KEYPAIR);
    final X509Certificate signingCertificate =
            (X509Certificate) this.handlerChainConfig.getParameter(GeneralConstants.X509CERTIFICATE);

    // Fail closed: without a key pair the message is rejected rather than sent unsigned.
    if (signingKeys == null) {
        logger.samlHandlerKeyPairNotFound();
        throw logger.samlHandlerKeyPairNotFoundError();
    }

    if (!response.isPostBindingForResponse()) {
        logger.trace("Going to sign response document with REDIRECT binding type");
        // The certificate is not used on this path; only the key pair is handed to signRedirect.
        final String signedQuery =
                signRedirect(samlDocument, response.getRelayState(), signingKeys, response.getSendRequest());
        response.setDestinationQueryStringWithSignature(signedQuery);
        return;
    }

    logger.trace("Going to sign response document with POST binding type");
    // NOTE(review): the certificate is not null-checked here; confirm signPost accepts a null certificate.
    signPost(samlDocument, signingKeys, signingCertificate);
}
/**
 * Signs the document that earlier processing placed on the handler response.
 *
 * <p>When the response carries no resulting document, this only logs a trace message and
 * returns without signing anything.
 *
 * @param request the handler request, forwarded to {@code sign}
 * @param response the handler response holding the document to sign
 * @throws ProcessingException propagated from {@code sign}
 */
public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response)
        throws ProcessingException {
    final Document outgoing = response.getResultingDocument();
    if (outgoing != null) {
        this.sign(outgoing, request, response);
        return;
    }
    logger.trace("No response document found");
}
/**
 * Copies the roles carried by the handler response into the HTTP session, under the
 * {@code GeneralConstants.ROLES_ID} attribute.
 *
 * <p>Nothing is stored when there is no session or when the response has no roles. The roles
 * are stored as received; this method performs no validation of its own.
 *
 * @param request the handler request, used to look up the HTTP session
 * @param response the handler response supplying the roles
 * @throws ProcessingException declared by the handler interface
 * @see org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler#handleStatusResponseType(org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest, org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse)
 */
@Override
public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
        throws ProcessingException {
    final HttpSession httpSession = BaseSAML2Handler.getHttpSession(request);
    if (httpSession == null) {
        return;
    }

    // NOTE(review): presumably an earlier handler derived these roles from a validated
    // assertion; confirm, since whatever lands in the session is likely used for authorization.
    final List<String> grantedRoles = response.getRoles();
    if (grantedRoles == null) {
        return;
    }
    httpSession.setAttribute(GeneralConstants.ROLES_ID, grantedRoles);
}
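/**
 * Runs every configured handler against the SAML object while holding {@code chainLock}.
 *
 * <p>Before each handler is invoked the response is checked for an error. If one is set, its
 * error code is sent on the HTTP response and the remaining handlers are skipped. Because the
 * check runs before each handler, an error raised by the last handler is not reported by this
 * method.
 *
 * <p>Request-type objects ({@code RequestAbstractType}) are dispatched to
 * {@code handleRequestType}; everything else goes to {@code handleStatusResponseType}.
 *
 * @param samlObject the parsed SAML object that selects the dispatch method
 * @param saml2HandlerRequest the request passed to each handler
 * @param saml2HandlerResponse the response shared by all handlers in the chain
 * @param httpContext supplies the HTTP response used to report an error
 * @param chainLock the lock serialising access to the handler chain
 * @throws ProcessingException if a handler fails
 * @throws IOException if sending the HTTP error fails
 */
public void callHandlerChain(SAML2Object samlObject, SAML2HandlerRequest saml2HandlerRequest,
        SAML2HandlerResponse saml2HandlerResponse, HTTPContext httpContext, Lock chainLock)
        throws ProcessingException, IOException {
    // Acquire the lock before entering the try block: if lock() itself fails, the finally
    // clause must not call unlock() on a lock this thread never held, which would mask the
    // original failure with an IllegalMonitorStateException.
    chainLock.lock();
    try {
        for (SAML2Handler handler : handlers) {
            if (saml2HandlerResponse.isInError()) {
                httpContext.getResponse().sendError(saml2HandlerResponse.getErrorCode());
                break;
            }

            if (samlObject instanceof RequestAbstractType) {
                handler.handleRequestType(saml2HandlerRequest, saml2HandlerResponse);
            } else {
                handler.handleStatusResponseType(saml2HandlerRequest, saml2HandlerResponse);
            }
        }
    } finally {
        chainLock.unlock();
    }
}
}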
SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse(); saml2HandlerResponse.setDestination(identityURL); if (saml2HandlerResponse.isInError()) httpContext.getResponse().sendError(saml2HandlerResponse.getErrorCode()); break;
saml2HandlerResponse.setPostBindingForResponse(postBinding); Document samlResponseDocument = saml2HandlerResponse.getResultingDocument(); String relayState = saml2HandlerResponse.getRelayState(); String destination = saml2HandlerResponse.getDestination(); boolean willSendRequest = saml2HandlerResponse.getSendRequest(); sendRequestToIDP(destination, samlResponseDocument, relayState, httpContext.getResponse(), willSendRequest); } else { String destinationQuery = saml2HandlerResponse.getDestinationQueryStringWithSignature(); boolean areWeSendingRequest = saml2HandlerResponse.getSendRequest(); String samlMsg = DocumentUtil.getDocumentAsString(samlResponseDocument);
saml2HandlerResponse.setDestination(identityURL); if (saml2HandlerResponse.isInError()) response.sendError(saml2HandlerResponse.getErrorCode()); break; Document samlResponseDocument = saml2HandlerResponse.getResultingDocument(); String relayState = saml2HandlerResponse.getRelayState(); String destination = saml2HandlerResponse.getDestination(); saml2HandlerResponse.getSendRequest()); if (saml2HandlerResponse.isInError()) response.sendError(saml2HandlerResponse.getErrorCode()); break; Document samlResponseDocument = saml2HandlerResponse.getResultingDocument(); String relayState = saml2HandlerResponse.getRelayState(); String destination = saml2HandlerResponse.getDestination(); if (saml2HandlerResponse.isInError()) response.sendError(saml2HandlerResponse.getErrorCode()); break;
response.setDestination(getProviderconfig().getIdentityURL()); } else { generateSuccessStatusResponseType(logOutRequest.getID(), request, response, originalIssuer); response.setPostBindingForResponse(isPost); response.setRelayState(originalIssuer); response.setDestination(participant); response.setPostBindingForResponse(isPost); response.setResultingDocument(new SAML2Request().convert(lort)); response.setSendRequest(true);
response.getDestination(), issuerValue); response.setResultingDocument(samlRequest.convert(authn)); response.setSendRequest(true);
saml2HandlerResponse.setPostBindingForResponse(postBinding); saml2HandlerResponse.setDestination(identityURL); saml2HandlerResponse.setDestination(logoutUrl); if (saml2HandlerResponse.isInError()) { httpContext.getResponse().sendError(saml2HandlerResponse.getErrorCode()); break;
/**
 * Builds a success status response for a logout request and places it on the handler response.
 *
 * <p>The generated message answers {@code logOutRequestID}, carries the issuer taken from the
 * handler request, and is addressed to {@code originalIssuer}.
 *
 * @param logOutRequestID the ID of the logout request being answered (InResponseTo)
 * @param request the handler request supplying the issuer of the generated message
 * @param response the handler response that receives the document and the destination
 * @param originalIssuer used as the destination of the generated message
 * @throws ConfigurationException declared by the document conversion
 * @throws ParserConfigurationException declared by the document conversion
 * @throws ProcessingException if converting the status response fails with a parsing error
 */
private void generateSuccessStatusResponseType(String logOutRequestID, SAML2HandlerRequest request,
        SAML2HandlerResponse response, String originalIssuer)
        throws ConfigurationException, ParserConfigurationException, ProcessingException {
    // NOTE(review): originalIssuer is concatenated into the log line and later used as the
    // destination; presumably it originates from the incoming message, so confirm it is
    // validated upstream.
    logger.trace("Generating Success Status Response for " + originalIssuer);

    final StatusResponseType successResponse =
            new StatusResponseType(IDGenerator.create("ID_"), XMLTimeUtil.getIssueInstant());

    // Top-level status code: success.
    final StatusCodeType successCode = new StatusCodeType();
    successCode.setValue(URI.create(JBossSAMLURIConstants.STATUS_SUCCESS.get()));
    final StatusType status = new StatusType();
    status.setStatusCode(successCode);
    successResponse.setStatus(status);

    successResponse.setInResponseTo(logOutRequestID);
    successResponse.setIssuer(request.getIssuer());

    try {
        response.setResultingDocument(new SAML2Response().convert(successResponse));
    } catch (ParsingException parseFailure) {
        throw logger.processingError(parseFailure);
    }

    response.setDestination(originalIssuer);
}
saml2HandlerResponse.setPostBindingForResponse(postBinding); Document samlResponseDocument = saml2HandlerResponse.getResultingDocument(); String relayState = saml2HandlerResponse.getRelayState(); String destination = saml2HandlerResponse.getDestination(); boolean willSendRequest = saml2HandlerResponse.getSendRequest(); sendRequestToIDP(destination, samlResponseDocument, relayState, httpContext.getResponse(), willSendRequest); } else { String destinationQuery = saml2HandlerResponse.getDestinationQueryStringWithSignature(); boolean areWeSendingRequest = saml2HandlerResponse.getSendRequest(); String samlMsg = DocumentUtil.getDocumentAsString(samlResponseDocument);
saml2HandlerResponse.setDestination(identityURL); for (SAML2Handler handler : handlers) { handler.reset(); if (saml2HandlerResponse.isInError()) { response.sendError(saml2HandlerResponse.getErrorCode()); break; Document samlResponseDocument = saml2HandlerResponse.getResultingDocument(); String relayState = saml2HandlerResponse.getRelayState(); String destination = saml2HandlerResponse.getDestination(); saml2HandlerResponse.getSendRequest()); } catch (Exception e) { if (trace) if (saml2HandlerResponse.isInError()) { response.sendError(saml2HandlerResponse.getErrorCode()); break; Document samlResponseDocument = saml2HandlerResponse.getResultingDocument(); String relayState = saml2HandlerResponse.getRelayState(); String destination = saml2HandlerResponse.getDestination(); if (saml2HandlerResponse.isInError()) { response.sendError(saml2HandlerResponse.getErrorCode()); break;
log.trace("Destination=" + destination); response.setDestination(destination); identityServer.stack().register(session.getId(), destination, isPost); response.setResultingDocument(samlResponse); response.setRelayState(request.getRelayState()); response.setPostBindingForResponse(isPost);
response.getDestination(), issuerValue); response.setResultingDocument(samlRequest.convert(authn)); response.setSendRequest(true);
saml2HandlerResponse.setPostBindingForResponse(postBinding); saml2HandlerResponse.setDestination(identityURL); saml2HandlerResponse.setDestination(logoutUrl); handler.reset(); if (saml2HandlerResponse.isInError()) { httpContext.getResponse().sendError(saml2HandlerResponse.getErrorCode()); break;
if (saml2HandlerResponse.isInError()) httpContext.getResponse().sendError(saml2HandlerResponse.getErrorCode()); break;
SAML2HandlerResponse saml2HandlerResponse = new DefaultSAML2HandlerResponse(); saml2HandlerResponse.setDestination(identityURL); if (saml2HandlerResponse.isInError()) httpContext.getResponse().sendError(saml2HandlerResponse.getErrorCode()); break;
response.setResultingDocument(saml2Response.convert(statusResponse)); response.setDestination(originalIssuer);
saml2HandlerResponse.setPostBindingForResponse(postBinding); Document samlResponseDocument = saml2HandlerResponse.getResultingDocument(); String relayState = saml2HandlerResponse.getRelayState(); String destination = saml2HandlerResponse.getDestination(); boolean willSendRequest = saml2HandlerResponse.getSendRequest(); sendRequestToIDP(destination, samlResponseDocument, relayState, httpContext.getResponse(), willSendRequest); } else { String destinationQuery = saml2HandlerResponse.getDestinationQueryStringWithSignature(); boolean areWeSendingRequest = saml2HandlerResponse.getSendRequest(); String samlMsg = DocumentUtil.getDocumentAsString(samlResponseDocument);