AuthnRequestType authnRequest = new AuthnRequestType(id, issueInstant); if (assertionConsumerServiceURL != null) { String uri = StaxParserUtil.getAttributeValue(assertionConsumerServiceURL); authnRequest.setAssertionConsumerServiceURL(URI.create(uri)); JBossSAMLConstants.ASSERTION_CONSUMER_SERVICE_INDEX.get())); if (assertionConsumerServiceIndex != null) authnRequest.setAssertionConsumerServiceIndex(Integer.parseInt(StaxParserUtil .getAttributeValue(assertionConsumerServiceIndex))); authnRequest.setProtocolBinding(URI.create(StaxParserUtil.getAttributeValue(protocolBinding))); authnRequest.setProviderName(StaxParserUtil.getAttributeValue(providerName)); authnRequest.setForceAuthn(Boolean.parseBoolean(StaxParserUtil.getAttributeValue(forceAuthn))); authnRequest.setIsPassive(Boolean.parseBoolean(StaxParserUtil.getAttributeValue(isPassive))); JBossSAMLConstants.ATTRIBUTE_CONSUMING_SERVICE_INDEX.get())); if (attributeConsumingServiceIndex != null) authnRequest.setAttributeConsumingServiceIndex(Integer.parseInt(StaxParserUtil .getAttributeValue(attributeConsumingServiceIndex)));
/**
 * Resolves the URL of the party that sent this AuthnRequest.
 *
 * <p>An explicit {@code AssertionConsumerServiceURL} takes precedence. When it is absent, the
 * {@code Issuer} value is parsed as a URI and returned instead.
 *
 * <p>Security note: both candidates are fields of the request itself. When this object was built
 * from an incoming message, the result is therefore sender-supplied data. Callers on this page use
 * it as the response destination, so it should be compared with the service provider's registered
 * endpoints before a SAML response is sent there.
 *
 * @return the AssertionConsumerServiceURL if set, otherwise the Issuer value as a URI
 * @throws RuntimeException if neither value is present, or the Issuer value cannot be turned
 *         into a URI
 */
public URI getSenderURL() {
    URI acsUrl = getAssertionConsumerServiceURL();
    if (acsUrl != null) {
        return acsUrl;
    }

    NameIDType issuer = getIssuer();
    if (issuer == null) {
        // Nothing left to fall back on.
        throw new RuntimeException("Could not resolve sender URL. AuthnRequest must have a value for AssertionConsumerServiceURL or Issuer.");
    }

    try {
        // URI.create rejects null and syntactically invalid values; both end up in the catch below.
        return URI.create(issuer.getValue());
    } catch (Exception e) {
        throw new RuntimeException("Could not resolve sender URL using the Issuer value [" + issuer.getValue() + "]." , e);
    }
}
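/**
 * Marshals the given AuthnRequest, base64-encodes it and posts it to the request's
 * {@code Destination} through {@link PostBindingUtil#sendPost}.
 *
 * <p>The destination is read from the request and is not null-checked here, so a request built
 * without a destination fails with a {@link NullPointerException} at
 * {@code getDestination().toASCIIString()}.
 *
 * @param authnRequest the request to deliver; its Destination must be set
 * @param relayState   relay state forwarded alongside the message
 * @param response     servlet response the POST form is written to
 * @throws IOException              on marshalling or output failure, including an unsupported charset
 * @throws SAXException             declared by the marshalling step
 * @throws GeneralSecurityException declared by the marshalling/sending steps
 */
protected void sendRequestToIDP(AuthnRequestType authnRequest, String relayState, HttpServletResponse response)
        throws IOException, SAXException, GeneralSecurityException {
    SAML2Request saml2Request = new SAML2Request();
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    saml2Request.marshall(authnRequest, baos);

    // Decode the marshalled bytes with an explicit charset. The no-arg toString() uses the
    // platform default, which can corrupt non-ASCII content (e.g. in the Issuer or ProviderName)
    // on hosts whose default is not UTF-8.
    // NOTE(review): assumes the marshaller emits UTF-8, the XML default — confirm.
    String samlMessage = PostBindingUtil.base64Encode(baos.toString("UTF-8"));

    String destination = authnRequest.getDestination().toASCIIString();
    PostBindingUtil.sendPost(new DestinationInfoHolder(destination, samlMessage, relayState), response, true);
}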
/**
 * Builds an AuthnRequest that asks for the response over the HTTP-POST binding.
 *
 * <p>The request carries the given assertion consumer URL, an Issuer holding
 * {@code issuerValue}, and a NameIDPolicy with {@code AllowCreate=true} and this instance's
 * {@code nameIDFormat}. The Destination is only set when {@code destination} is non-null.
 *
 * <p>{@code assertionConsumerURL} is passed straight to {@link URI#create(String)}, which throws
 * {@link NullPointerException} for {@code null} and {@link IllegalArgumentException} for a
 * malformed value. Callers that take it from untrusted input should validate it first, because
 * it names the endpoint the response is expected at.
 *
 * @param id                   the request ID
 * @param assertionConsumerURL where the response should be delivered; must be a valid URI
 * @param destination          the recipient's endpoint, or {@code null} to leave Destination unset
 * @param issuerValue          value placed in the Issuer element
 * @return the populated request
 * @throws ConfigurationException declared by this method; presumably raised while obtaining the
 *         issue instant — confirm against XMLTimeUtil
 */
public AuthnRequestType createAuthnRequestType(String id, String assertionConsumerURL, String destination,
        String issuerValue) throws ConfigurationException {
    XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();
    AuthnRequestType request = new AuthnRequestType(id, now);

    URI acsUri = URI.create(assertionConsumerURL);
    request.setAssertionConsumerServiceURL(acsUri);

    URI postBinding = URI.create(JBossSAMLConstants.HTTP_POST_BINDING.get());
    request.setProtocolBinding(postBinding);

    // Destination is optional.
    if (destination != null) {
        request.setDestination(URI.create(destination));
    }

    // Issuer element
    NameIDType issuerElement = new NameIDType();
    issuerElement.setValue(issuerValue);
    request.setIssuer(issuerElement);

    // Default NameIDPolicy: allow the IdP to create an identifier in the configured format.
    NameIDPolicyType policy = new NameIDPolicyType();
    policy.setAllowCreate(Boolean.TRUE);
    policy.setFormat(URI.create(this.nameIDFormat));
    request.setNameIDPolicy(policy);

    return request;
}
/**
 * Creates a SAML 2.0 AuthnRequest on behalf of the configured service provider.
 *
 * <p>The request gets a generated ID and issue instant, the service provider's entity ID as
 * Issuer, version {@code JBossSAMLConstants.VERSION_2_0}, the service provider's assertion
 * consumer service URL, and the HTTP-POST protocol binding.
 *
 * @return the populated request
 */
public AuthnRequestType createAuthnRequest() {
    ObjectFactory protocolFactory = new ObjectFactory();
    org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory assertionFactory =
            new org.picketlink.identity.federation.saml.v2.assertion.ObjectFactory();

    AuthnRequestType request = protocolFactory.createAuthnRequestType();
    request.setID(generateId());
    request.setIssueInstant(generateIssueInstant());

    // Issuer = this service provider's entity ID.
    NameIDType issuerElement = assertionFactory.createNameIDType();
    String entityId = serviceProvider.getSamlConfiguration().getEntityId();
    issuerElement.setValue(entityId);
    request.setIssuer(issuerElement);

    request.setVersion(JBossSAMLConstants.VERSION_2_0.get());

    // Optional delivery hints: where the response should go and over which binding.
    // Both come from local configuration and a constant, not from the incoming HTTP request.
    request.setAssertionConsumerServiceURL(
            serviceProvider.getServiceURL(ExternalAuthenticationService.SAML_ASSERTION_CONSUMER_SERVICE));
    request.setProtocolBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");

    return request;
}
StaxUtil.writeAttribute(writer, JBossSAMLConstants.ID.get(), request.getID()); StaxUtil.writeAttribute(writer, JBossSAMLConstants.VERSION.get(), request.getVersion()); StaxUtil.writeAttribute(writer, JBossSAMLConstants.ISSUE_INSTANT.get(), request.getIssueInstant().toString()); URI destination = request.getDestination(); if (destination != null) StaxUtil.writeAttribute(writer, JBossSAMLConstants.DESTINATION.get(), destination.toASCIIString()); String consent = request.getConsent(); if (StringUtil.isNotNull(consent)) StaxUtil.writeAttribute(writer, JBossSAMLConstants.CONSENT.get(), consent); URI assertionURL = request.getAssertionConsumerServiceURL(); if (assertionURL != null) StaxUtil.writeAttribute(writer, JBossSAMLConstants.ASSERTION_CONSUMER_SERVICE_URL.get(), assertionURL.toASCIIString()); Boolean forceAuthn = request.isForceAuthn(); if (forceAuthn != null) { StaxUtil.writeAttribute(writer, JBossSAMLConstants.FORCE_AUTHN.get(), forceAuthn.toString()); Boolean isPassive = request.isIsPassive(); if (isPassive != null) { StaxUtil.writeAttribute(writer, JBossSAMLConstants.IS_PASSIVE.get(), isPassive.toString()); URI protocolBinding = request.getProtocolBinding(); if (protocolBinding != null) { StaxUtil.writeAttribute(writer, JBossSAMLConstants.PROTOCOL_BINDING.get(), protocolBinding.toString());
/**
 * Handles an IdP-initiated (unsolicited) SSO by synthesising an AuthnRequest and passing it to
 * {@code processSAMLRequestMessage}.
 *
 * <p>The target URL is read from the HTTP request parameter named by
 * {@code JBossSAMLConstants.UNSOLICITED_RESPONSE_TARGET} and is used both as the assertion
 * consumer URL and as the Issuer value of the synthetic request. The binding is HTTP-POST when
 * the binding parameter equals "POST" (case-insensitive), otherwise HTTP-Redirect.
 *
 * <p>NOTE(review): the target is caller-controlled and ends up naming where the response is
 * delivered. No validation is visible in this method — confirm that
 * {@code processSAMLRequestMessage} checks it against the configured/trusted service providers
 * before an assertion is issued.
 *
 * @param request  the incoming HTTP request carrying the target and binding parameters
 * @param response the HTTP response used to deliver the SAML response
 * @throws ServletException if anything fails, including a missing or malformed target parameter
 */
private void handleSAML2UnsolicitedResponse(HttpServletRequest request, HttpServletResponse response)
        throws ServletException {
    SAML2Request requestFactory = new SAML2Request();
    String generatedId = IDGenerator.create("ID_");
    String targetUrl = request.getParameter(JBossSAMLConstants.UNSOLICITED_RESPONSE_TARGET.get());

    try {
        // A null or malformed target makes URI.create throw inside the factory; the catch below
        // turns that into a ServletException.
        AuthnRequestType syntheticRequest =
                requestFactory.createAuthnRequestType(generatedId, targetUrl, getIdentityURL(), targetUrl);

        String bindingParam = request.getParameter(JBossSAMLConstants.UNSOLICITED_RESPONSE_SAML_BINDING.get());
        String bindingUri = "POST".equalsIgnoreCase(bindingParam)
                ? JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get()
                : JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.get();
        syntheticRequest.setProtocolBinding(URI.create(bindingUri));

        syntheticRequest.setUnsolicitedResponse(true);

        processSAMLRequestMessage(request, response, syntheticRequest, true);
    } catch (Exception e) {
        throw new ServletException("Could not handle SAML 2.0 Unsolicited Response.", e);
    }
}
// Excerpt from two call sites that read the sender URL of an AuthnRequest.
// getSenderURL() (shown on this page) returns the request's AssertionConsumerServiceURL or,
// failing that, its Issuer value, and throws RuntimeException when neither can be resolved.
URI senderURL = authnRequestType.getSenderURL();
// NOTE(review): the value used as destination originates in the request; confirm it is checked
// against the registered service provider endpoints before a response is sent to it.
destination = authRequest.getSenderURL().toASCIIString();
forceAuthn = authRequest.isForceAuthn();
// Excerpt: the condition guarding this throw lies outside the visible lines.
throw logger.samlHandlerAuthnRequestIsNull();
// Compares the Destination attribute of the incoming request with this IdP's configured
// identity URL.
checkDestination(art.getDestination(), getProviderconfig().getIdentityURL());
// Response destination: ACS URL of the request, or its Issuer value as a fallback.
// NOTE(review): the checkDestination call above covers the request's Destination, not this
// value; confirm the sender URL is validated against trusted service providers elsewhere.
String destination = art.getSenderURL().toASCIIString();
// NOTE(review): ProtocolBinding is optional (the writer on this page null-checks it), so this
// dereference fails with a NullPointerException when the request omits it — confirm a guard
// exists upstream.
boolean isPost = art.getProtocolBinding().toString().equals(JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get());
IdentityServer identityServer = (IdentityServer) servletContext.getAttribute(GeneralConstants.IDENTITY_SERVER);
// Excerpt: builds the SAML response for the authenticated principal.
userPrincipal = httpContext.getRequest().getUserPrincipal();
// Where the response will be sent: the request's ACS URL, or its Issuer value as a fallback.
// NOTE(review): this value comes from the AuthnRequest; confirm it is matched against the
// service provider's registered endpoints before the assertion is delivered.
String assertionConsumerURL = art.getSenderURL().toASCIIString();
String identityURL = request.getIssuer().getValue();
String requestID = art.getID();
sp.setResponseDestinationURI(assertionConsumerURL);
// The request ID is handed to the service-provider holder together with the issuer.
sp.setRequestID(requestID);
sp.setIssuer(art.getIssuer().getValue());
sp.setAuthnRequestType(art);
responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
// Excerpt: builds the SAML response for the authenticated principal.
userPrincipal = httpContext.getRequest().getUserPrincipal();
// NOTE(review): AssertionConsumerServiceURL is optional in an AuthnRequest (the writer on this
// page null-checks it); this dereference throws NullPointerException when it is absent. The
// value is also request-supplied — confirm it is validated against the registered service
// provider endpoints before being used as the response destination.
String assertionConsumerURL = art.getAssertionConsumerServiceURL().toASCIIString();
// Unchecked casts: the session attribute and option map are trusted to hold these types.
List<String> roles = (List<String>) session.getAttribute(GeneralConstants.ROLES_ID);
String identityURL = request.getIssuer().getValue();
Map<String, Object> attribs = (Map<String, Object>) request.getOptions().get(GeneralConstants.ATTRIBUTES);
String requestID = art.getID();
sp.setResponseDestinationURI(assertionConsumerURL);
sp.setRequestID(requestID);
sp.setIssuer(art.getIssuer().getValue());
responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
authn.setForceAuthn(Boolean.valueOf(forceAuthn)); authn.setProtocolBinding(URI.create(JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get())); } else if (bindingType.equals("REDIRECT")) { authn.setProtocolBinding(URI.create(JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.get())); } else { throw logger.samlInvalidProtocolBinding();
// Excerpt: gathers the inputs for the SAML response.
userPrincipal = httpContext.getRequest().getUserPrincipal();
// NOTE(review): throws NullPointerException when the request carries no
// AssertionConsumerServiceURL; the value is request-supplied, so confirm it is validated
// against the registered service provider endpoints before use as a destination.
String assertionConsumerURL = art.getAssertionConsumerServiceURL().toASCIIString();
// Unchecked casts: the session attribute and option map are trusted to hold these types.
List<String> roles = (List<String>) session.getAttribute(GeneralConstants.ROLES_ID);
String identityURL = request.getIssuer().getValue();
Map<String, Object> attribs = (Map<String, Object>) request.getOptions().get(GeneralConstants.ATTRIBUTES);
// The cast plus auto-unboxing fails with NullPointerException if the option is not set.
long assertionValidity = (Long) request.getOptions().get(GeneralConstants.ASSERTIONS_VALIDITY);
String requestID = art.getID();
// Excerpt: the condition guarding this throw lies outside the visible lines.
throw new ProcessingException(ErrorCodes.NULL_VALUE + "AuthnRequest is null");
// NOTE(review): AssertionConsumerServiceURL is optional; this throws NullPointerException when
// it is absent. It is also taken from the request — confirm it is validated against the
// registered service provider endpoints before the response is sent there.
String destination = art.getAssertionConsumerServiceURL().toASCIIString();
if (trace)
    log.trace("Destination=" + destination);
authn.setProtocolBinding(URI.create(JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get())); } else if (bindingType.equals("REDIRECT")) { authn.setProtocolBinding(URI.create(JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.get())); } else { throw logger.samlInvalidProtocolBinding();
/**
 * Starts single sign-on by creating an AuthnRequest and sending it to the given identity
 * provider.
 *
 * <p>Before sending, the request ID is registered in {@code requests} together with the identity
 * provider and the return URL, and {@code Identity.EVENT_PRE_AUTHENTICATE} is raised when events
 * are available.
 *
 * @param request              the current HTTP request
 * @param response             the HTTP response used to deliver the SAML message
 * @param samlIdentityProvider the identity provider to authenticate against
 * @param returnUrl            URL stored with the pending request
 */
public void sendAuthenticationRequestToIDP(HttpServletRequest request, HttpServletResponse response,
        SamlIdentityProvider samlIdentityProvider, String returnUrl) {
    AuthnRequestType ssoRequest = samlMessageFactory.createAuthnRequest();

    // Record the outstanding request; presumably this lets the later response be matched to the
    // request that triggered it — confirm against the response handler.
    String pendingId = ssoRequest.getID();
    requests.addRequest(pendingId, samlIdentityProvider, returnUrl);

    boolean eventsAvailable = Events.exists();
    if (eventsAvailable) {
        Events.instance().raiseEvent(Identity.EVENT_PRE_AUTHENTICATE);
    }

    samlMessageSender.sendRequestToIDP(request, response, samlIdentityProvider, SamlProfile.SINGLE_SIGN_ON,
            ssoRequest);
}
} // closes the enclosing class, whose header is outside this excerpt
StaxUtil.writeAttribute(writer, JBossSAMLConstants.ID.get(), request.getID()); StaxUtil.writeAttribute(writer, JBossSAMLConstants.VERSION.get(), request.getVersion()); StaxUtil.writeAttribute(writer, JBossSAMLConstants.ISSUE_INSTANT.get(), request.getIssueInstant().toString()); URI destination = request.getDestination(); if (destination != null) StaxUtil.writeAttribute(writer, JBossSAMLConstants.DESTINATION.get(), destination.toASCIIString()); String consent = request.getConsent(); if (StringUtil.isNotNull(consent)) StaxUtil.writeAttribute(writer, JBossSAMLConstants.CONSENT.get(), consent); URI assertionURL = request.getAssertionConsumerServiceURL(); if (assertionURL != null) StaxUtil.writeAttribute(writer, JBossSAMLConstants.ASSERTION_CONSUMER_SERVICE_URL.get(), assertionURL.toASCIIString()); Boolean forceAuthn = request.isForceAuthn(); if (forceAuthn != null) { StaxUtil.writeAttribute(writer, JBossSAMLConstants.FORCE_AUTHN.get(), forceAuthn.toString()); Boolean isPassive = request.isIsPassive(); if (isPassive != null) { StaxUtil.writeAttribute(writer, JBossSAMLConstants.IS_PASSIVE.get(), isPassive.toString()); URI protocolBinding = request.getProtocolBinding(); if (protocolBinding != null) { StaxUtil.writeAttribute(writer, JBossSAMLConstants.PROTOCOL_BINDING.get(), protocolBinding.toString());
// Excerpt of the AuthnRequest factory: the declarations of issuer and nameIDPolicy are not part
// of the visible lines.
AuthnRequestType authnRequest = new AuthnRequestType(id, issueInstant);
// URI.create throws NullPointerException for null and IllegalArgumentException for a malformed
// value, so assertionConsumerURL must be a valid, non-null URI string.
authnRequest.setAssertionConsumerServiceURL(URI.create(assertionConsumerURL));
// The HTTP-POST binding is requested unconditionally here.
authnRequest.setProtocolBinding(URI.create(JBossSAMLConstants.HTTP_POST_BINDING.get()));
// Destination is optional and left unset when null.
if (destination != null)
    authnRequest.setDestination(URI.create(destination));
issuer.setValue(issuerValue);
authnRequest.setIssuer(issuer);
nameIDPolicy.setFormat(URI.create(this.nameIDFormat));
authnRequest.setNameIDPolicy(nameIDPolicy);
/**
 * Serves an unsolicited (IdP-initiated) login: a synthetic AuthnRequest is created from request
 * parameters and processed like a regular one.
 *
 * <p>The parameter named by {@code JBossSAMLConstants.UNSOLICITED_RESPONSE_TARGET} supplies both
 * the assertion consumer URL and the Issuer value. The parameter named by
 * {@code JBossSAMLConstants.UNSOLICITED_RESPONSE_SAML_BINDING} selects HTTP-POST when it equals
 * "POST" ignoring case; any other value, including a missing one, selects HTTP-Redirect.
 *
 * <p>NOTE(review): the target parameter is untrusted input that determines the response
 * destination. This method performs no validation of it — verify that the downstream
 * {@code processSAMLRequestMessage} restricts it to known service providers.
 *
 * @param request  HTTP request carrying the target and binding parameters
 * @param response HTTP response used for the SAML response
 * @throws ServletException wrapping any failure raised while building or processing the request
 */
private void handleSAML2UnsolicitedResponse(HttpServletRequest request, HttpServletResponse response)
        throws ServletException {
    SAML2Request builder = new SAML2Request();
    String newId = IDGenerator.create("ID_");
    String spTarget = request.getParameter(JBossSAMLConstants.UNSOLICITED_RESPONSE_TARGET.get());

    try {
        // The same target string serves as assertion consumer URL and as issuer.
        AuthnRequestType unsolicited = builder.createAuthnRequestType(newId, spTarget, getIdentityURL(), spTarget);

        String bindingName = request.getParameter(JBossSAMLConstants.UNSOLICITED_RESPONSE_SAML_BINDING.get());
        boolean usePost = "POST".equalsIgnoreCase(bindingName);

        URI bindingUri;
        if (usePost) {
            bindingUri = URI.create(JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get());
        } else {
            bindingUri = URI.create(JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.get());
        }
        unsolicited.setProtocolBinding(bindingUri);

        // Flag the request so later stages can tell it was not sent by a service provider.
        unsolicited.setUnsolicitedResponse(true);

        processSAMLRequestMessage(request, response, unsolicited, true);
    } catch (Exception e) {
        throw new ServletException("Could not handle SAML 2.0 Unsolicited Response.", e);
    }
}
// Excerpt: two call sites resolving the AuthnRequest's sender URL.
// Per getSenderURL() on this page, the result is the AssertionConsumerServiceURL when present,
// else the Issuer value; a RuntimeException is thrown when neither resolves.
URI senderURL = authnRequestType.getSenderURL();
// NOTE(review): the destination is derived from request content — confirm it is validated
// against the trusted service provider configuration before a response is routed to it.
destination = authRequest.getSenderURL().toASCIIString();
forceAuthn = authRequest.isForceAuthn();