protected void renderMergedOutputModel( final Map<String, Object> model, final HttpServletRequest request, final HttpServletResponse response) throws Exception { response.setCharacterEncoding(this.encoding); final WebApplicationService service = this.samlArgumentExtractor.extractService(request); final String serviceId = service != null ? service.getId() : "UNKNOWN"; try { final Response samlResponse = newSamlObject(Response.class); samlResponse.setID(generateId()); samlResponse.setIssueInstant(new DateTime()); samlResponse.setVersion(SAMLVersion.VERSION_11); samlResponse.setRecipient(serviceId); if (service instanceof SamlService) { final SamlService samlService = (SamlService) service; if (samlService.getRequestID() != null) { samlResponse.setInResponseTo(samlService.getRequestID()); } } prepareResponse(samlResponse, model); final BasicSAMLMessageContext messageContext = new BasicSAMLMessageContext(); messageContext.setOutboundMessageTransport(new HttpServletResponseAdapter(response, request.isSecure())); messageContext.setOutboundSAMLMessage(samlResponse); this.encoder.encode(messageContext); } catch (final Exception e) { this.log.error("Error generating SAML response for service {}.", serviceId); throw e; } }
messageContext.setOutboundMessageTransport(outTransport); messageContext.setPeerEntityEndpoint(samlEndpoint); messageContext.setOutboundSAMLMessage(authnRequest);
public void doSAMLRedirect(final HttpServletResponse response, final String relayState) throws SAMLException, MessageEncodingException { final String requestId = SAMLUtils.generateRequestId(); final AuthnRequest authnRequest = createAuthnRequest(requestId); final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(response, true); final BasicSAMLMessageContext<SAMLObject, AuthnRequest, SAMLObject> context = new BasicSAMLMessageContext<>(); final Endpoint endpoint = new SingleSignOnServiceBuilder().buildObject(); endpoint.setLocation(getIdPConfig().getLoginUrl()); context.setPeerEntityEndpoint(endpoint); context.setOutboundSAMLMessage(authnRequest); context.setOutboundSAMLMessageSigningCredential(authnRequest.getSignature().getSigningCredential()); context.setOutboundMessageTransport(responseAdapter); context.setRelayState(relayState == null ? "/" : relayState); final HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder(); encoder.encode(context); }
@SuppressWarnings("unchecked") public void sendAuthnResponse(SAMLPrincipal principal, HttpServletResponse response) throws MarshallingException, SignatureException, MessageEncodingException { Status status = buildStatus(StatusCode.SUCCESS_URI); String entityId = idpConfiguration.getEntityId(); Credential signingCredential = resolveCredential(entityId); Response authResponse = buildSAMLObject(Response.class, Response.DEFAULT_ELEMENT_NAME); Issuer issuer = buildIssuer(entityId); authResponse.setIssuer(issuer); authResponse.setID(SAMLBuilder.randomSAMLId()); authResponse.setIssueInstant(new DateTime()); authResponse.setInResponseTo(principal.getRequestID()); Assertion assertion = buildAssertion(principal, status, entityId); signAssertion(assertion, signingCredential); authResponse.getAssertions().add(assertion); authResponse.setDestination(principal.getAssertionConsumerServiceURL()); authResponse.setStatus(status); Endpoint endpoint = buildSAMLObject(Endpoint.class, SingleSignOnService.DEFAULT_ELEMENT_NAME); endpoint.setLocation(principal.getAssertionConsumerServiceURL()); HttpServletResponseAdapter outTransport = new HttpServletResponseAdapter(response, false); BasicSAMLMessageContext messageContext = new BasicSAMLMessageContext(); messageContext.setOutboundMessageTransport(outTransport); messageContext.setPeerEntityEndpoint(endpoint); messageContext.setOutboundSAMLMessage(authResponse); messageContext.setOutboundSAMLMessageSigningCredential(signingCredential); messageContext.setOutboundMessageIssuer(entityId); messageContext.setRelayState(principal.getRelayState()); encoder.encode(messageContext); }