Decrypter decrypter = new Decrypter(null, keyInfoResolver, keyResolver); decrypter.setRootInNewDocument(true); List<EncryptedAssertion> encryptedAssertions = processedSAMLResponse.getEncryptedAssertions(); if (encryptedAssertions != null) { for (EncryptedAssertion encryptedAssertion : encryptedAssertions) {
/** {@inheritDoc} */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {
    // The cast happens before any child inspection, so a parent that is not a Response
    // fails here whatever the child turns out to be.
    final Response samlResponse = (Response) parentSAMLObject;

    if (childSAMLObject instanceof Assertion) {
        samlResponse.getAssertions().add((Assertion) childSAMLObject);
        return;
    }

    if (childSAMLObject instanceof EncryptedAssertion) {
        // Encrypted assertions are only collected in their own list here; nothing in this
        // method decrypts them or checks a signature.
        samlResponse.getEncryptedAssertions().add((EncryptedAssertion) childSAMLObject);
        return;
    }

    // Every other child type is handled by the superclass.
    super.processChildElement(parentSAMLObject, childSAMLObject);
}
/**
 * Gathers every assertion carried by the response: the plaintext assertions first,
 * followed by each encrypted assertion after it has been passed through {@code decrypt}.
 *
 * <p>NOTE(review): this method performs no signature, issuer, audience or validity-window
 * checks on what it returns. Presumably the caller validates each assertion before
 * trusting it; confirm, especially for the decrypted ones.
 *
 * @param response the SAML response to read assertions from
 * @return a new list holding the plaintext assertions and then the decrypted ones
 * @throws DecryptionException propagated from {@code decrypt}; no partial list is
 *         returned in that case
 */
private List<Assertion> getAssertions(Response response) throws DecryptionException {
    // Copy the plaintext assertions so the response's own list is never modified.
    List<Assertion> collected = new ArrayList<Assertion>(response.getAssertions());

    List<EncryptedAssertion> encryptedOnes = response.getEncryptedAssertions();
    for (EncryptedAssertion encrypted : encryptedOnes) {
        Assertion decrypted = decrypt(encrypted);
        collected.add(decrypted);
    }
    return collected;
}
/**
 * Selects the assertion to use from a SAML2 response.
 *
 * <p>The first plaintext assertion wins. Only when there is none is the first encrypted
 * assertion decrypted, using the tenant domain of the current thread-local Carbon
 * context. Any further assertions in the response are ignored.
 *
 * <p>NOTE(review): no signature or condition checks happen here, and a decryption failure
 * is logged and reported as {@code null}. Callers should treat {@code null} as a failed
 * login and validate the returned assertion before using it; confirm at the call sites.
 *
 * @param response SAML2 Response
 * @return the selected assertion, or {@code null} when the response carries none or the
 *         encrypted one could not be decrypted
 */
private Assertion getAssertionFromResponse(Response response) {
    List<Assertion> plainAssertions = response.getAssertions();
    if (plainAssertions != null && !plainAssertions.isEmpty()) {
        return plainAssertions.get(0);
    }

    List<EncryptedAssertion> encryptedAssertions = response.getEncryptedAssertions();
    if (encryptedAssertions.isEmpty()) {
        return null;
    }

    EncryptedAssertion firstEncrypted = encryptedAssertions.get(0);
    try {
        String tenantDomain =
                PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        return getDecryptedAssertion(firstEncrypted, tenantDomain);
    } catch (SAML2SSOUIAuthenticatorException e) {
        // Best effort: the failure is logged with its cause and surfaces as null.
        log.error("Error while obtaining the assertion from saml response.", e);
        return null;
    }
}
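/**
 * Gets the username from the SAML2 Response.
 *
 * <p>The first plaintext assertion is used when one is present. Otherwise the first
 * encrypted assertion is decrypted, with the super-tenant domain passed to
 * {@code getDecryptedAssertion}, and the username is read from the result.
 *
 * <p>NOTE(review): a SAML response may carry more than one assertion. Only the first is
 * consulted here, and nothing in this method verifies a signature, so callers should
 * validate the response before trusting the returned name; confirm at the call sites.
 *
 * @param response SAML2 Response
 * @return the username taken from the selected assertion, or {@code null} when the
 *         response carries no assertion or the encrypted one cannot be decrypted
 */
public static String getUsernameFromResponse(Response response) {
    List<Assertion> assertions = response.getAssertions();
    if (assertions != null && !assertions.isEmpty()) {
        // Only the first assertion is read; any others in the response are ignored.
        return getUsernameFromAssertion(assertions.get(0));
    }

    // Guarded like the plaintext list above, so a null list cannot throw here.
    List<EncryptedAssertion> encryptedAssertions = response.getEncryptedAssertions();
    if (encryptedAssertions == null || encryptedAssertions.isEmpty()) {
        return null;
    }

    EncryptedAssertion encryptedAssertion = encryptedAssertions.get(0);
    String tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;

    Assertion assertion;
    try {
        assertion = getDecryptedAssertion(encryptedAssertion, tenantDomain);
    } catch (SAML2SSOUIAuthenticatorException e) {
        // Keep the cause in the log, and stop here instead of handing a null assertion
        // to getUsernameFromAssertion (not shown here; it may not accept null).
        log.error("Error while obtaining user name from response.", e);
        return null;
    }
    return getUsernameFromAssertion(assertion);
}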
assertion = assertions.get(0); } else { List<EncryptedAssertion> encryptedAssertions = samlResponse.getEncryptedAssertions(); EncryptedAssertion encryptedAssertion; if (encryptedAssertions.size() > 0) {
List<EncryptedAssertion> encryptedAssertions = saml2Response.getEncryptedAssertions(); EncryptedAssertion encryptedAssertion = null; if (!CollectionUtils.isEmpty(encryptedAssertions)) {
List<EncryptedAssertion> encryptedAssertions = saml2Response.getEncryptedAssertions(); EncryptedAssertion encryptedAssertion = null; if (!CollectionUtils.isEmpty(encryptedAssertions)) {
alias, domainName); response.getEncryptedAssertions().add(encryptedAssertion);
alias, domainName); response.getEncryptedAssertions().add(encryptedAssertion);
// Encrypt the assertion for the given alias and domain, then attach the encrypted form to
// the response.
// NOTE(review): ALGO_ID_BLOCKCIPHER_AES256 is, as far as I know, the XML Encryption
// AES-256-CBC identifier. CBC provides no integrity protection on its own, so the relying
// party should verify the signature before acting on decrypted content. An AES-GCM
// identifier from XML Encryption 1.1 is preferable where both sides support it; confirm
// against the library version in use.
EncryptedAssertion encryptedAssertion = SAMLSSOUtil.setEncryptedAssertion(assertion, EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256, alias, domainName);
response.getEncryptedAssertions().add(encryptedAssertion);
List<EncryptedAssertion> encryptedAssertions = response.getEncryptedAssertions(); EncryptedAssertion encryptedAssertion = null; if (CollectionUtils.isNotEmpty(encryptedAssertions)) {
if (response.getEncryptedAssertions().size() > 0) { assertionList = new ArrayList<Assertion>(response.getAssertions().size() + response.getEncryptedAssertions().size()); assertionList.addAll(response.getAssertions()); List<EncryptedAssertion> encryptedAssertionList = response.getEncryptedAssertions(); for (EncryptedAssertion ea : encryptedAssertionList) { try {
EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256, alias, domainName); response.getEncryptedAssertions().add(encryptedAssertion);
// Attach the encrypted assertion to the response's encrypted-assertion list.
// NOTE(review): the surrounding code is not shown. Confirm the plaintext assertion is not
// also added to response.getAssertions(), which would expose the content alongside it.
response.getEncryptedAssertions().add(encryptedAssertion);