/** * Determines whether given AssertionConsumerService can be used to deliver messages consumable by this profile. Bindings * POST and Artifact are supported for WebSSO. * * @param endpoint endpoint * @return true if endpoint is supported * @throws MetadataProviderException in case system can't verify whether endpoint is supported or not */ protected boolean isEndpointSupported(AssertionConsumerService endpoint) throws MetadataProviderException { return org.opensaml.common.xml.SAMLConstants.SAML2_POST_BINDING_URI.equals(endpoint.getBinding()) | org.opensaml.common.xml.SAMLConstants.SAML2_ARTIFACT_BINDING_URI.equals(endpoint.getBinding()); }
@Override protected boolean isEndpointSupported(AssertionConsumerService endpoint) { return SAMLConstants.SAML2_PAOS_BINDING_URI.equals(endpoint.getBinding()); }
@Override protected boolean isEndpointSupported(AssertionConsumerService endpoint) throws MetadataProviderException { // Only HoK endpoints are supported if (!SAMLConstants.SAML2_HOK_WEBSSO_PROFILE_URI.equals(endpoint.getBinding())) { return false; } String binding = SAMLUtil.getBindingForEndpoint(endpoint); return org.opensaml.common.xml.SAMLConstants.SAML2_POST_BINDING_URI.equals(binding) || org.opensaml.common.xml.SAMLConstants.SAML2_ARTIFACT_BINDING_URI.equals(binding); }
/** * Loads the assertionConsumerIndex designated by the index. In case an index is specified the consumer * is located and returned, otherwise default consumer is used. * * @param ssoDescriptor descriptor * @param index to load, can be null * @return consumer service * @throws org.opensaml.common.SAMLRuntimeException * in case assertionConsumerService with given index isn't found */ public static AssertionConsumerService getConsumerService(SPSSODescriptor ssoDescriptor, Integer index) { if (index != null) { for (AssertionConsumerService service : ssoDescriptor.getAssertionConsumerServices()) { if (index.equals(service.getIndex())) { log.debug("Found assertionConsumerService with index {} and binding {}", index, service.getBinding()); return service; } } throw new SAMLRuntimeException("AssertionConsumerService with index " + index + " wasn't found for ServiceProvider " + ssoDescriptor.getID() + ", please check your metadata"); } log.debug("Index for AssertionConsumerService not specified, returning default"); return ssoDescriptor.getDefaultAssertionConsumerService(); }
if (SAMLConstants.SAML2_HOK_WEBSSO_PROFILE_URI.equals(consumerService.getBinding())) { if (webSSOprofileHoK == null) { log.warn("WebSSO HoK profile was specified to be used, but profile is not configured in the EntryPoint, HoK will be skipped");
throw new MetadataProviderException("Endpoint designated by the value in the WebSSOProfileOptions is not supported by this profile"); } else { log.debug("Using consumer service determined by user preference with binding {}", service.getBinding()); return service; log.debug("Using default consumer service with binding {}", service.getBinding()); return service; for (AssertionConsumerService service : services) { if (isEndpointSupported(service)) { log.debug("Using first available consumer service with binding {}", service.getBinding()); return service;
if (svc.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI) || svc.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { acsUrl = svc.getLocation(); break;
SPSSODescriptor spssoDescriptor = (SPSSODescriptor) context.getLocalEntityRoleMetadata(); for (AssertionConsumerService service : spssoDescriptor.getAssertionConsumerServices()) { if (context.getInboundSAMLProtocol().equals(service.getBinding()) && service.getLocation().equals(data.getRecipient())) { confirmed = true;
if (svc.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI) || svc.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { acsUrl = svc.getLocation(); break;