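/**
 * Checks that a logout request comes from a registered identity provider and is addressed to
 * this endpoint, then returns that provider's configuration.
 *
 * <p>Only the issuer and the destination are checked here. Signature validation is not visible
 * in this method. NOTE(review): confirm the caller verifies the request's signature against the
 * returned configuration before acting on the request.
 *
 * @param logoutRequest the parsed SAML logout request
 * @param endpointUri the URI of the endpoint that received the request
 * @return the configuration stored in {@code idpConfigs} under the request's issuer
 * @throws SamlException if the issuer is missing, the destination does not equal
 *         {@code endpointUri}, or no identity provider is registered for the issuer
 */
private SamlIdentityProviderConfig validateAndGetIdPConfig(LogoutRequest logoutRequest,
                                                           String endpointUri) {
    // The Issuer element itself may be absent, not only its value. Checking both keeps a
    // malformed request on the SamlException path instead of failing with a
    // NullPointerException.
    if (logoutRequest.getIssuer() == null || logoutRequest.getIssuer().getValue() == null) {
        throw new SamlException("no issuer found from the logout request: " +
                                logoutRequest.getID());
    }
    final String issuer = logoutRequest.getIssuer().getValue();

    // The destination must match this endpoint exactly. A request with no Destination is
    // rejected as well, because equals(null) is false.
    if (!endpointUri.equals(logoutRequest.getDestination())) {
        throw new SamlException("unexpected destination: " + logoutRequest.getDestination());
    }

    // Only issuers that were registered in idpConfigs are accepted.
    final SamlIdentityProviderConfig config = idpConfigs.get(issuer);
    if (config == null) {
        throw new SamlException("unexpected identity provider: " + issuer);
    }
    return config;
}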
/**
 * Builds a {@code LogoutResponse} that answers the given logout request with the given status.
 *
 * <p>The response is issued under this service's {@code entityId}, gets a new ID from
 * {@code requestIdManager}, is stamped with the current time, and carries the request's ID in
 * {@code InResponseTo}.
 *
 * @param logoutRequest the logout request being answered
 * @param statusCode the status code value to put in the response
 * @return the populated logout response
 */
private LogoutResponse createLogoutResponse(LogoutRequest logoutRequest, String statusCode) {
    // Status element wrapping the caller-supplied status code.
    final StatusCode code = build(StatusCode.DEFAULT_ELEMENT_NAME);
    code.setValue(statusCode);
    final Status responseStatus = build(Status.DEFAULT_ELEMENT_NAME);
    responseStatus.setStatusCode(code);

    // Issuer element identifying this service.
    final Issuer self = build(Issuer.DEFAULT_ELEMENT_NAME);
    self.setValue(entityId);

    final LogoutResponse reply = build(LogoutResponse.DEFAULT_ELEMENT_NAME);
    reply.setIssuer(self);
    reply.setID(requestIdManager.newId());
    reply.setIssueInstant(DateTime.now());
    reply.setStatus(responseStatus);
    // Ties the response to the request it answers.
    reply.setInResponseTo(logoutRequest.getID());
    return reply;
}
}
} catch (SamlException e) { logger.warn("{} Cannot respond a logout response in response to {}", ctx, logoutRequest.getID(), e); final HttpResponse response = fail(ctx, logoutRequest, sloResEndpoint); return HttpResponse.from(sloHandler.logoutFailed(ctx, msg, e)
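/**
 * Checks that a logout request comes from a registered identity provider and is addressed to
 * this endpoint, then returns that provider's configuration.
 *
 * <p>Only the issuer and the destination are checked here. Signature validation is not visible
 * in this method. NOTE(review): confirm the caller verifies the request's signature against the
 * returned configuration before acting on the request.
 *
 * @param logoutRequest the parsed SAML logout request
 * @param endpointUri the URI of the endpoint that received the request
 * @return the configuration stored in {@code idpConfigs} under the request's issuer
 * @throws SamlException if the issuer is missing, the destination does not equal
 *         {@code endpointUri}, or no identity provider is registered for the issuer
 */
private SamlIdentityProviderConfig validateAndGetIdPConfig(LogoutRequest logoutRequest,
                                                           String endpointUri) {
    // The Issuer element itself may be absent, not only its value. Checking both keeps a
    // malformed request on the SamlException path instead of failing with a
    // NullPointerException.
    if (logoutRequest.getIssuer() == null || logoutRequest.getIssuer().getValue() == null) {
        throw new SamlException("no issuer found from the logout request: " +
                                logoutRequest.getID());
    }
    final String issuer = logoutRequest.getIssuer().getValue();

    // The destination must match this endpoint exactly. A request with no Destination is
    // rejected as well, because equals(null) is false.
    if (!endpointUri.equals(logoutRequest.getDestination())) {
        throw new SamlException("unexpected destination: " + logoutRequest.getDestination());
    }

    // Only issuers that were registered in idpConfigs are accepted.
    final SamlIdentityProviderConfig config = idpConfigs.get(issuer);
    if (config == null) {
        throw new SamlException("unexpected identity provider: " + issuer);
    }
    return config;
}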
/**
 * Builds a {@code LogoutResponse} that answers the given logout request with the given status.
 *
 * <p>The response is issued under this service's {@code entityId}, gets a new ID from
 * {@code requestIdManager}, is stamped with the current time, and carries the request's ID in
 * {@code InResponseTo}.
 *
 * @param logoutRequest the logout request being answered
 * @param statusCode the status code value to put in the response
 * @return the populated logout response
 */
private LogoutResponse createLogoutResponse(LogoutRequest logoutRequest, String statusCode) {
    // Status element wrapping the caller-supplied status code.
    final StatusCode code = build(StatusCode.DEFAULT_ELEMENT_NAME);
    code.setValue(statusCode);
    final Status responseStatus = build(Status.DEFAULT_ELEMENT_NAME);
    responseStatus.setStatusCode(code);

    // Issuer element identifying this service.
    final Issuer self = build(Issuer.DEFAULT_ELEMENT_NAME);
    self.setValue(entityId);

    final LogoutResponse reply = build(LogoutResponse.DEFAULT_ELEMENT_NAME);
    reply.setIssuer(self);
    reply.setID(requestIdManager.newId());
    reply.setIssueInstant(DateTime.now());
    reply.setStatus(responseStatus);
    // Ties the response to the request it answers.
    reply.setInResponseTo(logoutRequest.getID());
    return reply;
}
}
// The relay state for this logout exchange is a JWT issued by accessTokenDataBinder. The call
// passes a freshly generated random UUID, the logout request's ID, the configured
// JWT_RELAY_STATE_DURATION and the claims built earlier.
// NOTE(review): presumably the UUID becomes the token id and the request ID the subject, so the
// returned relay state can be matched to this request. Confirm against generateJWT, and confirm
// the receiving side verifies the JWT's signature and expiry before trusting the relay state.
Pair<String, Date> relayState = accessTokenDataBinder.generateJWT(
        SecureRandomUtils.generateRandomUUID().toString(),
        logoutRequest.getID(),
        JWT_RELAY_STATE_DURATION,
        claims);
// Only the left (String) element of the pair is sent as relay state; the Date on the right is
// not read in the lines shown here.
requestTO.setRelayState(relayState.getLeft());
} catch (SamlException e) { logger.warn("{} Cannot respond a logout response in response to {}", ctx, logoutRequest.getID(), e); final HttpResponse response = fail(ctx, logoutRequest, sloResEndpoint); return HttpResponse.from(sloHandler.logoutFailed(ctx, msg, e)
/**
 * Maps a parsed OpenSAML logout request onto this library's {@code LogoutRequest} model.
 *
 * <p>Copies the ID, consent, version, {@code NotOnOrAfter}, issue instant, reason, issuer and
 * destination, then resolves the name identifier from the request's NameID or EncryptedID.
 *
 * <p>NOTE(review): {@code verificationKeys} is not read anywhere in this method, so no signature
 * check happens here. Confirm that the caller verifies the request's signature before the
 * returned object is trusted. {@code NotOnOrAfter} is copied but not checked against the
 * current time in this method either.
 *
 * @param request the parsed OpenSAML logout request
 * @param verificationKeys not used in this method body
 * @param localKeys passed to {@code getNameID} together with the encrypted ID (presumably for
 *        decryption; confirm against {@code getNameID})
 * @return the populated logout request model
 */
protected LogoutRequest resolveLogoutRequest(org.opensaml.saml.saml2.core.LogoutRequest request,
                                             List<SimpleKey> verificationKeys,
                                             List<SimpleKey> localKeys) {
    LogoutRequest logout = new LogoutRequest()
        .setId(request.getID())
        .setConsent(request.getConsent())
        .setVersion(request.getVersion().toString())
        .setNotOnOrAfter(request.getNotOnOrAfter())
        .setIssueInstant(request.getIssueInstant())
        .setReason(LogoutReason.fromUrn(request.getReason()))
        .setIssuer(getIssuer(request.getIssuer()))
        .setDestination(new Endpoint().setLocation(request.getDestination()));

    // The subject may arrive as a plain NameID or as an EncryptedID; getNameID receives both.
    logout.setNameId(
        getNameIdPrincipal(getNameID(request.getNameID(), request.getEncryptedID(), localKeys)));
    return logout;
}