final T message = (T) fromDeflatedBase64(parameters.getFirstValue(name)); final MessageContext<T> messageContext = new MessageContext<>(); messageContext.setMessage(message);
/**
 * Converts an {@link AggregatedHttpMessage} which is received from the remote entity to
 * a {@link SAMLObject} wrapped in a {@link MessageContext}.
 *
 * <p>The parameter called {@code name} is base64-decoded with the MIME decoder and handed to
 * {@code deserialize}. If a {@code RELAY_STATE} parameter is present, it is stored unchanged on the
 * context's {@link SAMLBindingContext}.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>Nothing in this method checks a signature, issuer, destination or validity window. The
 *       returned message is untrusted until the caller has validated it.</li>
 *   <li>{@code Base64.getMimeDecoder()} ignores characters outside the base64 alphabet instead of
 *       rejecting them, so the decoded bytes may come from input that is not canonical base64.</li>
 *   <li>The relay state is peer-supplied and is neither length-checked nor sanitised here. The SAML
 *       bindings specification limits it to 80 bytes and recommends integrity protection.</li>
 *   <li>The cast to {@code T} is unchecked. A message of an unexpected type fails later, at the
 *       call site that uses it as {@code T}, not here.</li>
 * </ul>
 *
 * @param msg the HTTP message received from the remote entity
 * @param name the name of the parameter holding the base64-encoded SAML message
 * @return a new message context holding the deserialized message and, if present, the relay state
 * @throws SamlException if the parameter value is not decodable as base64
 */
static <T extends SAMLObject> MessageContext<T> toSamlObject(AggregatedHttpMessage msg, String name) {
    final SamlParameters params = new SamlParameters(msg);

    final byte[] rawMessage;
    try {
        rawMessage = Base64.getMimeDecoder().decode(params.getFirstValue(name));
    } catch (IllegalArgumentException e) {
        throw new SamlException("failed to decode a base64 string of the parameter: " + name, e);
    }

    @SuppressWarnings("unchecked")
    final T samlObject = (T) deserialize(rawMessage);

    final MessageContext<T> result = new MessageContext<>();
    result.setMessage(samlObject);

    final String relayState = params.getFirstValueOrNull(RELAY_STATE);
    if (relayState == null) {
        // No relay state was sent, so no binding subcontext is created.
        return result;
    }

    final SAMLBindingContext bindingContext = result.getSubcontext(SAMLBindingContext.class, true);
    assert bindingContext != null;
    bindingContext.setRelayState(relayState);
    return result;
}
// Wrap the AuthnRequest in a new MessageContext; no subcontexts are attached in this excerpt.
final MessageContext<AuthnRequest> messageContext = new MessageContext<>();
messageContext.setMessage(request);
// NOTE(review): nothing visible here signs the request or sets a relay state. Presumably the
// caller does that before the message is encoded — confirm.
// Return the context together with the IdP configuration (`idp`).
return new MessageContextAndIdpConfig(messageContext, idp);
/**
 * Creates a message context carrying the relay state found on the HTTP request.
 *
 * <p>The relay state parameter is copied unchanged from the request and is therefore
 * client-controlled. It is written to the debug log and stored on the context without length or
 * content validation. Code that later uses it for anything beyond echoing it back (for example as
 * a redirect target) must validate it first.
 *
 * @param request the incoming HTTP request
 * @return a new message context whose relay state is the request's relay state parameter
 *         (which may be {@code null})
 */
private static MessageContext<SAMLObject> bindRelayStateParameter(final HttpServletRequest request) {
    final String relayState = request.getParameter(SamlProtocolConstants.PARAMETER_SAML_RELAY_STATE);
    // The value is logged as received; debug logs may contain attacker-chosen text.
    LOGGER.debug("Relay state is [{}]", relayState);

    final MessageContext<SAMLObject> messageContext = new MessageContext<>();
    SAMLBindingSupport.setRelayState(messageContext, relayState);
    return messageContext;
}
/**
 * Creates the outbound message context for the given web context.
 *
 * <p>The web context is wrapped in a {@link DefaultPac4jSAMLResponse}, which becomes the message
 * of a new {@link MessageContext}. No subcontexts are added here.
 *
 * @param webContext the web context the outbound transport is built on
 * @return a new message context whose message is the outbound transport
 */
protected MessageContext<Pac4jSAMLResponse> prepareOutboundMessageContext(final WebContext webContext) {
    final MessageContext<Pac4jSAMLResponse> outboundContext = new MessageContext<>();
    outboundContext.setMessage(new DefaultPac4jSAMLResponse(webContext));
    return outboundContext;
}
/**
 * {@inheritDoc}
 *
 * <p>Reads the {@code RelayState} request parameter, trims it and records it on a new message
 * context. It then delegates to {@code processArtifact} and {@code populateBindingContext} before
 * publishing the context.
 */
protected void doDecode() throws MessageDecodingException {
    HttpServletRequest httpRequest = getHttpServletRequest();
    MessageContext<SAMLObject> decodedContext = new MessageContext<>();

    // RelayState is client-supplied. It is trimmed but otherwise stored and logged as received,
    // with no length check here (the SAML bindings specification caps it at 80 bytes).
    String relayState = StringSupport.trim(httpRequest.getParameter("RelayState"));
    log.debug("Decoded SAML relay state of: {}", relayState);
    SAMLBindingSupport.setRelayState(decodedContext, relayState);

    // NOTE(review): processArtifact is not shown. Presumably it resolves the artifact into the
    // SAML message — confirm where the resolved message is validated.
    processArtifact(decodedContext, httpRequest);
    populateBindingContext(decodedContext);
    setMessageContext(decodedContext);
}
/**
 * {@inheritDoc}
 *
 * <p>Installs a new, empty inbound message context on the profile request context and sets its
 * peer entity ID to the ID of {@code saml2Session}. The ID comes from the {@code saml2Session}
 * field, not from any message parsed in this method.
 */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
    final MessageContext inboundContext = new MessageContext();
    profileRequestContext.setInboundMessageContext(inboundContext);

    final SAMLPeerEntityContext peer = inboundContext.getSubcontext(SAMLPeerEntityContext.class, true);
    peer.setEntityId(saml2Session.getId());

    log.debug("{} Initialized inbound message context for logout of {}", getLogPrefix(),
            saml2Session.getId());
}
/**
 * {@inheritDoc}
 *
 * <p>Evaluates {@code detailedErrorsCondition} into {@code detailedErrors} and resets the outbound
 * side of the profile request context:
 * <ul>
 *   <li>If an outbound context exists and {@code nullifyOutboundMessage} is set, only its message
 *       is cleared. Subcontexts already attached to it are kept.</li>
 *   <li>Otherwise a new empty context replaces whatever was there, including the case where a
 *       context exists but {@code nullifyOutboundMessage} is not set.</li>
 * </ul>
 */
@Override
protected boolean doPreExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
    ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);

    detailedErrors = detailedErrorsCondition.apply(profileRequestContext);
    log.debug("{} Detailed errors are {}", getLogPrefix(), detailedErrors ? "enabled" : "disabled");

    if (profileRequestContext.getOutboundMessageContext() == null || !nullifyOutboundMessage) {
        // Start from a clean context so that no earlier outbound state is carried along.
        profileRequestContext.setOutboundMessageContext(new MessageContext<Object>());
    } else {
        // Keep the existing context and its subcontexts, dropping only the message.
        profileRequestContext.getOutboundMessageContext().setMessage(null);
    }

    return super.doPreExecute(profileRequestContext);
}
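/**
 * {@inheritDoc}
 *
 * <p>Decodes a message delivered by HTTP POST. The {@code TARGET} parameter is recorded as the
 * relay state, and the {@code SAMLResponse} parameter is base64-decoded and unmarshalled into the
 * inbound message.
 *
 * <p>Every value read here is client-controlled. This method only decodes: no signature, issuer
 * or validity check is performed, so the resulting message must be validated before it is trusted.
 *
 * @throws MessageDecodingException if the request is not a POST, the {@code SAMLResponse}
 *         parameter is missing, or it cannot be base64-decoded
 */
protected void doDecode() throws MessageDecodingException {
    MessageContext<SAMLObject> messageContext = new MessageContext<>();
    HttpServletRequest request = getHttpServletRequest();

    if (!"POST".equalsIgnoreCase(request.getMethod())) {
        throw new MessageDecodingException("This message decoder only supports the HTTP POST method");
    }

    // TARGET is stored and logged as received; no validation happens here.
    String relayState = request.getParameter("TARGET");
    log.debug("Decoded SAML relay state (TARGET parameter) of: {}", relayState);
    SAMLBindingSupport.setRelayState(messageContext, relayState);

    String base64Message = request.getParameter("SAMLResponse");
    if (base64Message == null) {
        // A request without the parameter must fail with the declared decoding exception and
        // must not pass null into the decoder, whose null handling is not visible from here.
        log.error("Request did not contain a SAMLResponse parameter");
        throw new MessageDecodingException("Request did not contain a SAMLResponse parameter");
    }

    byte[] decodedBytes = Base64Support.decode(base64Message);
    if (decodedBytes == null) {
        log.error("Unable to Base64 decode SAML message");
        throw new MessageDecodingException("Unable to Base64 decode SAML message");
    }

    // NOTE(review): the cast assumes the posted XML unmarshals to a SAMLObject. Other well-formed
    // XML would presumably fail with ClassCastException and not MessageDecodingException — confirm.
    SAMLObject inboundMessage = (SAMLObject) unmarshallMessage(new ByteArrayInputStream(decodedBytes));
    messageContext.setMessage(inboundMessage);
    log.debug("Decoded SAML message");

    populateBindingContext(messageContext);
    setMessageContext(messageContext);
}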
/**
 * {@inheritDoc}
 *
 * <p>Decodes a message delivered by HTTP POST. The {@code RelayState} parameter is recorded on the
 * context, and the base64-decoded message obtained from {@code getBase64DecodedMessage} is
 * unmarshalled into the inbound message.
 *
 * <p>Everything read here is client-controlled and nothing is validated at this point: no
 * signature, issuer or validity-window check is visible. The relay state is stored without a
 * length check (the SAML bindings specification caps it at 80 bytes).
 *
 * @throws MessageDecodingException if the request does not use the POST method
 */
protected void doDecode() throws MessageDecodingException {
    HttpServletRequest httpRequest = getHttpServletRequest();
    if (!"POST".equalsIgnoreCase(httpRequest.getMethod())) {
        throw new MessageDecodingException("This message decoder only supports the HTTP POST method");
    }

    MessageContext<SAMLObject> decodedContext = new MessageContext<>();

    String relayState = httpRequest.getParameter("RelayState");
    log.debug("Decoded SAML relay state of: {}", relayState);
    SAMLBindingSupport.setRelayState(decodedContext, relayState);

    // NOTE(review): getBase64DecodedMessage is not shown. Presumably it rejects a missing or
    // undecodable parameter — confirm.
    InputStream decodedStream = getBase64DecodedMessage(httpRequest);
    SAMLObject inbound = (SAMLObject) unmarshallMessage(decodedStream);
    decodedContext.setMessage(inbound);
    log.debug("Decoded SAML message");

    populateBindingContext(decodedContext);
    setMessageContext(decodedContext);
}
/**
 * {@inheritDoc}
 *
 * <p>Builds a new message context from the current HTTP request by delegating, in order, to
 * {@code decodeTarget}, {@code processArtifacts} and {@code populateBindingContext}, then
 * publishes it as this decoder's message context.
 */
protected void doDecode() throws MessageDecodingException {
    HttpServletRequest httpRequest = getHttpServletRequest();
    MessageContext<SAMLObject> decodedContext = new MessageContext<>();

    // NOTE(review): both helpers read request data and are not shown here. Presumably they treat
    // the target and artifact values as untrusted — confirm.
    decodeTarget(decodedContext, httpRequest);
    processArtifacts(decodedContext, httpRequest);

    populateBindingContext(decodedContext);
    setMessageContext(decodedContext);
}
/**
 * {@inheritDoc}
 *
 * <p>Stores the result of {@code buildIdPInitiatedSSORequest()} in {@code ssoRequest} and installs
 * the result of {@code buildAuthnRequest()} as the decoded message.
 *
 * <p>NOTE(review): the message is built locally by {@code buildAuthnRequest()} and is not parsed
 * from a received SAML message. Downstream handlers that expect a peer-issued or peer-signed
 * request should be checked against this — confirm.
 */
@Override
protected void doDecode() throws MessageDecodingException {
    ssoRequest = buildIdPInitiatedSSORequest();

    final MessageContext<SAMLObject> synthesizedContext = new MessageContext<>();
    synthesizedContext.setMessage(buildAuthnRequest());

    populateBindingContext(synthesizedContext);
    setMessageContext(synthesizedContext);
}
/**
 * Build encoder message context.
 *
 * <p>The context carries {@code samlObject} as its message and {@code relayState} as its relay
 * state. The peer endpoint is prepared by {@code SamlIdPUtils}, and the self entity ID is set to
 * the issuer read from {@code samlObject}.
 *
 * <p>The relay state is stored exactly as passed in. If it originates from the inbound request,
 * it is requester-controlled and is only meant to be echoed back.
 *
 * @param request    the authn request
 * @param samlObject the saml response
 * @param relayState the relay state
 * @return the message context
 */
protected MessageContext getEncoderMessageContext(final RequestAbstractType request,
                                                  final T samlObject,
                                                  final String relayState) {
    final MessageContext<SAMLObject> encoderContext = new MessageContext<>();
    encoderContext.setMessage(samlObject);
    SAMLBindingSupport.setRelayState(encoderContext, relayState);
    SamlIdPUtils.preparePeerEntitySamlEndpointContext(request, encoderContext, adaptor, getBinding());

    final SAMLSelfEntityContext selfEntity = encoderContext.getSubcontext(SAMLSelfEntityContext.class, true);
    selfEntity.setEntityId(SamlIdPUtils.getIssuerFromSamlObject(samlObject));
    return encoderContext;
}
/**
 * {@inheritDoc}
 *
 * <p>Builds an {@link IdPInitiatedSSORequest}, installs it as the decoded message and derives the
 * peer entity ID, the message issue instant (UTC) and the message ID from it.
 *
 * <p>NOTE(review): the entity ID and time come from the object returned by
 * {@code buildIdPInitiatedSSORequest()}. Presumably that object is populated from request
 * parameters, in which case both values are requester-controlled and any freshness check that
 * relies on the issue instant inherits that trust level — confirm.
 */
@Override
protected void doDecode() throws MessageDecodingException {
    final IdPInitiatedSSORequest initiatedRequest = buildIdPInitiatedSSORequest();

    final MessageContext<IdPInitiatedSSORequest> decodedContext = new MessageContext<>();
    decodedContext.setMessage(initiatedRequest);

    final SAMLPeerEntityContext peer = decodedContext.getSubcontext(SAMLPeerEntityContext.class, true);
    peer.setEntityId(initiatedRequest.getEntityId());

    final SAMLMessageInfoContext messageInfo =
            decodedContext.getSubcontext(SAMLMessageInfoContext.class, true);
    messageInfo.setMessageIssueInstant(
            new DateTime(initiatedRequest.getTime(), ISOChronology.getInstanceUTC()));
    messageInfo.setMessageId(getMessageID());

    populateBindingContext(decodedContext);
    setMessageContext(decodedContext);
}
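/**
 * Encode response and pass it onto the outbound transport.
 * Uses {@link CasHttpSoap11Encoder} to handle encoding.
 *
 * <p>The encoder is given the servlet response and a message context holding {@code samlMessage},
 * then initialized, prepared and run, in that order. {@code httpRequest} is not used by this
 * method.
 *
 * @param httpResponse the http response
 * @param httpRequest the http request
 * @param samlMessage the saml response
 * @throws Exception the exception in case encoding fails.
 */
public void encodeSamlResponse(final HttpServletResponse httpResponse,
                               final HttpServletRequest httpRequest,
                               final Response samlMessage) throws Exception {
    final HTTPSOAP11Encoder encoder = new CasHttpSoap11Encoder();

    // Use the diamond form so the context is properly parameterized, not a raw type.
    final MessageContext<SAMLObject> context = new MessageContext<>();
    context.setMessage(samlMessage);

    encoder.setHttpServletResponse(httpResponse);
    encoder.setMessageContext(context);
    encoder.initialize();
    encoder.prepareContext();
    encoder.encode();
}
} // closes the enclosing class, whose declaration is outside this excerpt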
/**
 * Builds the outbound message context for a SAML 1 SOAP 1.1 response.
 *
 * <p>The SAML response from {@code buildSamlResponse} becomes the message. A binding subcontext
 * with the SAML 1 SOAP 1.1 binding URI and a SOAP context with a pre-built envelope and body are
 * attached before the context is installed as the outbound message context.
 *
 * <p>NOTE(review): an {@link IllegalStateException} from {@code buildSamlResponse} is turned into
 * the {@code IllegalState} protocol error event without being logged here, so the cause is not
 * recorded by this method.
 *
 * @param springRequestContext the Spring Web Flow request context
 * @param profileRequestContext the profile request context that receives the outbound context
 * @return the proceed event, or the {@code IllegalState} protocol error event if the response
 *         could not be built
 */
@Override
protected Event doExecute(
        final @Nonnull RequestContext springRequestContext,
        final @Nonnull ProfileRequestContext profileRequestContext) {

    final MessageContext<SAMLObject> outbound = new MessageContext<>();
    try {
        outbound.setMessage(buildSamlResponse(springRequestContext, profileRequestContext));
    } catch (final IllegalStateException e) {
        return ProtocolError.IllegalState.event(this);
    }

    final SAMLBindingContext binding = new SAMLBindingContext();
    binding.setBindingUri(SAMLConstants.SAML1_SOAP11_BINDING_URI);
    outbound.addSubcontext(binding);

    // Ensure message uses SOAP-ENV ns prefix required by old/broken CAS clients
    final Envelope soapEnvelope = (Envelope) XMLObjectSupport.buildXMLObject(envelopeName);
    final Body soapBody = (Body) XMLObjectSupport.buildXMLObject(bodyName);
    soapEnvelope.setBody(soapBody);

    final SOAP11Context soap = new SOAP11Context();
    soap.setEnvelope(soapEnvelope);
    outbound.addSubcontext(soap);

    profileRequestContext.setOutboundMessageContext(outbound);
    return ActionSupport.buildProceedEvent(this);
}
/**
 * {@inheritDoc}
 *
 * <p>Installs a new outbound message context and populates it:
 * <ul>
 *   <li>The self entity ID comes from {@code selfIdentityLookupStrategy}.</li>
 *   <li>The peer entity ID is copied from {@code peerEntityCtx}.</li>
 *   <li>If {@code peerEntityCtx} has a metadata subcontext, its entity descriptor, role descriptor
 *       and (when present) attribute consuming service are copied to the outbound peer.</li>
 * </ul>
 *
 * <p>The outbound peer identity and metadata are taken verbatim from {@code peerEntityCtx}, so
 * they are only as trustworthy as whatever populated that context.
 */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
    final MessageContext outbound = new MessageContext();
    profileRequestContext.setOutboundMessageContext(outbound);

    final SAMLSelfEntityContext self = outbound.getSubcontext(SAMLSelfEntityContext.class, true);
    self.setEntityId(selfIdentityLookupStrategy.apply(profileRequestContext));

    final SAMLPeerEntityContext peer = outbound.getSubcontext(SAMLPeerEntityContext.class, true);
    peer.setEntityId(peerEntityCtx.getEntityId());

    final SAMLMetadataContext inboundMetadata = peerEntityCtx.getSubcontext(SAMLMetadataContext.class);
    if (inboundMetadata != null) {
        final SAMLMetadataContext outboundMetadata = peer.getSubcontext(SAMLMetadataContext.class, true);
        outboundMetadata.setEntityDescriptor(inboundMetadata.getEntityDescriptor());
        outboundMetadata.setRoleDescriptor(inboundMetadata.getRoleDescriptor());

        final AttributeConsumingServiceContext inboundAcs =
                inboundMetadata.getSubcontext(AttributeConsumingServiceContext.class);
        if (inboundAcs != null) {
            outboundMetadata.getSubcontext(AttributeConsumingServiceContext.class, true)
                    .setAttributeConsumingService(inboundAcs.getAttributeConsumingService());
        }
    }

    log.debug("{} Initialized outbound message context", getLogPrefix());
}
} // closes the enclosing class, whose declaration is outside this excerpt
/**
 * Encodes {@code logoutRequest} for delivery as a redirect URL and stores the result in
 * {@code redirectUrl}.
 *
 * <p>If the request carries a signature, its signing credential and algorithm are copied into the
 * message context's signature signing parameters. The signature is then removed from the request
 * in every case, before the request is deflated and base64-encoded.
 *
 * <p>NOTE(review): presumably {@code buildRedirectURL} uses those signing parameters to sign the
 * redirect query string, as the HTTP-Redirect binding does — confirm. For a request that was not
 * signed, no signing parameters are set, so the URL is presumably built unsigned.
 *
 * @throws MessageEncodingException declared by the overridden method
 */
@Override
protected void doEncode() throws MessageEncodingException {
    val messageContext = new MessageContext();
    if (logoutRequest.isSigned()) {
        // Capture the credential and algorithm before the signature is stripped below.
        val signingContext = messageContext.getSubcontext(SecurityParametersContext.class, true);
        val signingParams = new SignatureSigningParameters();
        val signature = logoutRequest.getSignature();
        signingParams.setSigningCredential(signature.getSigningCredential());
        signingParams.setSignatureAlgorithm(signature.getSignatureAlgorithm());
        signingContext.setSignatureSigningParameters(signingParams);
    }
    // Order matters: the signature is removed only after its parameters were read above, and
    // before the request is serialized for the URL.
    removeSignature(logoutRequest);
    val encodedMessage = deflateAndBase64Encode(logoutRequest);
    messageContext.setMessage(logoutRequest);
    this.redirectUrl = buildRedirectURL(messageContext, endpointUrl, encodedMessage);
}
/**
 * {@inheritDoc}
 *
 * <p>Builds a {@link ResolverTestRequest} from the current HTTP request and installs it as the
 * decoded message. A peer entity context with the SP SSO role and the request's requester ID is
 * attached, and the protocol is recorded when the request specifies one.
 *
 * <p>NOTE(review): principal, requester ID, index and protocol are obtained from the HTTP request
 * by helpers not shown here, so they are presumably caller-chosen. Nothing in this method
 * authenticates the caller or checks that the named requester is the real peer, so access to this
 * endpoint has to be restricted elsewhere — confirm.
 *
 * @throws MessageDecodingException if no HTTP request is available
 */
@Override
protected void doDecode() throws MessageDecodingException {
    final HttpServletRequest httpRequest = getHttpServletRequest();
    if (httpRequest == null) {
        throw new MessageDecodingException("Unable to locate HttpServletRequest");
    }

    final ResolverTestRequest testRequest = new ResolverTestRequest(
            getPrincipal(httpRequest),
            getRequesterId(httpRequest),
            getIndex(httpRequest),
            getProtocol(httpRequest));

    final MessageContext<ResolverTestRequest> decodedContext = new MessageContext<>();
    decodedContext.setMessage(testRequest);
    setMessageContext(decodedContext);

    // The peer is whatever requester the request named, in the SP SSO role.
    final SAMLPeerEntityContext peer = new SAMLPeerEntityContext();
    peer.setRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    peer.setEntityId(testRequest.getRequesterId());
    decodedContext.addSubcontext(peer, true);

    if (testRequest.getProtocol() != null) {
        decodedContext.getSubcontext(SAMLProtocolContext.class, true)
                .setProtocol(testRequest.getProtocol());
    }
}
/**
 * {@inheritDoc}
 *
 * <p>Builds a {@link MetadataQueryRequest} from the current HTTP request and installs it as the
 * decoded message. A peer entity context with the SP SSO role and the requested entity ID is
 * attached, and the protocol is recorded when the request specifies one.
 *
 * <p>NOTE(review): entity ID and protocol are obtained from the HTTP request by helpers not shown
 * here, so they are presumably caller-chosen. Nothing in this method authenticates the caller,
 * so any restriction on who may query metadata has to be enforced elsewhere — confirm.
 *
 * @throws MessageDecodingException if no HTTP request is available
 */
@Override
protected void doDecode() throws MessageDecodingException {
    final HttpServletRequest httpRequest = getHttpServletRequest();
    if (httpRequest == null) {
        throw new MessageDecodingException("Unable to locate HttpServletRequest");
    }

    final MetadataQueryRequest query = new MetadataQueryRequest();
    query.setEntityID(getEntityID(httpRequest));
    query.setProtocol(getProtocol(httpRequest));

    final MessageContext<MetadataQueryRequest> decodedContext = new MessageContext<>();
    decodedContext.setMessage(query);
    setMessageContext(decodedContext);

    // The peer is whatever entity the request asked about, in the SP SSO role.
    final SAMLPeerEntityContext peer = new SAMLPeerEntityContext();
    peer.setRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    peer.setEntityId(query.getEntityID());
    decodedContext.addSubcontext(peer, true);

    if (query.getProtocol() != null) {
        decodedContext.getSubcontext(SAMLProtocolContext.class, true)
                .setProtocol(query.getProtocol());
    }
}