private String[] getAuditResourceFromSamlAuthnRequest(final AuthnRequest returnValue) { val result = new ToStringBuilder(this, ToStringStyle.NO_CLASS_NAME_STYLE) .append("issuer", returnValue.getIssuer().getValue()) .append("binding", returnValue.getProtocolBinding()) .toString(); return new String[]{result}; } }
/** * Determine profile binding. * * @param authenticationContext the authentication context * @param assertion the assertion * @return the string */ protected String determineProfileBinding(final Pair<AuthnRequest, MessageContext> authenticationContext, final Assertion assertion) { val authnRequest = authenticationContext.getKey(); val pair = getRegisteredServiceAndFacade(authnRequest); val facade = pair.getValue(); val binding = StringUtils.defaultIfBlank(authnRequest.getProtocolBinding(), SAMLConstants.SAML2_POST_BINDING_URI); LOGGER.debug("Determined authentication request binding is [{}], issued by [{}]", binding, authnRequest.getIssuer().getValue()); val entityId = facade.getEntityId(); LOGGER.debug("Checking metadata for [{}] to see if binding [{}] is supported", entityId, binding); @NonNull val svc = facade.getAssertionConsumerService(binding); LOGGER.debug("Binding [{}] is supported by [{}]", svc.getBinding(), entityId); return binding; } }
if (req.getProtocolBinding() != null) { domElement.setAttributeNS(null, AuthnRequest.PROTOCOL_BINDING_ATTRIB_NAME, req.getProtocolBinding());
protected void verifyRequest(final AuthnRequest request, final SAML2MessageContext context) { // Verify endpoint requested in the original request final AssertionConsumerService assertionConsumerService = (AssertionConsumerService) context.getSAMLEndpointContext() .getEndpoint(); if (request.getAssertionConsumerServiceIndex() != null) { if (!request.getAssertionConsumerServiceIndex().equals(assertionConsumerService.getIndex())) { logger.warn("Response was received at a different endpoint index than was requested"); } } else { final String requestedResponseURL = request.getAssertionConsumerServiceURL(); final String requestedBinding = request.getProtocolBinding(); if (requestedResponseURL != null) { final String responseLocation; if (assertionConsumerService.getResponseLocation() != null) { responseLocation = assertionConsumerService.getResponseLocation(); } else { responseLocation = assertionConsumerService.getLocation(); } if (!requestedResponseURL.equals(responseLocation)) { logger.warn("Response was received at a different endpoint URL {} than was requested {}", responseLocation, requestedResponseURL); } } if (requestedBinding != null && !requestedBinding.equals(context.getSAMLBindingContext().getBindingUri())) { logger.warn("Response was received using a different binding {} than was requested {}", context.getSAMLBindingContext().getBindingUri(), requestedBinding); } } }
endpoint.setBinding(((AuthnRequest) inboundMessage).getProtocolBinding()); if (endpoint instanceof IndexedEndpoint) { ((IndexedEndpoint) endpoint).setIndex(
}); } else { acs.setBinding(authnRequest.getProtocolBinding()); acs.setLocation(authnRequest.getAssertionConsumerServiceURL()); acs.setResponseLocation(authnRequest.getAssertionConsumerServiceURL());
protected AuthenticationRequest resolveAuthenticationRequest(AuthnRequest parsed) { AuthnRequest request = parsed; AuthenticationRequest result = new AuthenticationRequest() .setBinding(Binding.fromUrn(request.getProtocolBinding())) .setAssertionConsumerService( getEndpoint( request.getAssertionConsumerServiceURL(), Binding.fromUrn(request.getProtocolBinding()), ofNullable(request.getAssertionConsumerServiceIndex()).orElse(-1), false getEndpoint( request.getDestination(), Binding.fromUrn(request.getProtocolBinding()), -1, false