/**
 * Indicates whether signature support is enabled for the given request.
 *
 * <p>
 * When this handler is defined in the configuration file, signatures are enabled by default. If the
 * request options contain a {@code GeneralConstants.SUPPORTS_SIGNATURES} entry, its value decides
 * instead, so an absent entry means "enabled".
 * </p>
 *
 * @param request the handler request whose options are consulted
 * @return {@code true} when the option is absent or holds {@code Boolean.TRUE}, {@code false} when it
 *         holds {@code Boolean.FALSE}
 */
protected boolean isSupportsSignature(SAML2HandlerRequest request) {
    Object supportsSignatures = request.getOptions().get(GeneralConstants.SUPPORTS_SIGNATURES);
    if (supportsSignatures == null) {
        // No explicit option: signature support stays on.
        return true;
    }
    // A value that is not a Boolean fails this cast with a ClassCastException.
    return (Boolean) supportsSignatures;
}
/**
 * Indicates whether signature support is enabled for the given request.
 *
 * <p>
 * When this handler is defined in the configuration file, signatures are enabled by default. If the
 * request options contain a {@code GeneralConstants.SUPPORTS_SIGNATURES} entry, its value decides
 * instead, so an absent entry means "enabled".
 * </p>
 *
 * @param request the handler request whose options are consulted
 *
 * @return {@code true} when the option is absent or holds {@code Boolean.TRUE}, {@code false} when it
 *         holds {@code Boolean.FALSE}
 */
protected boolean isSupportsSignature(SAML2HandlerRequest request) {
    Object supportsSignatures = request.getOptions().get(GeneralConstants.SUPPORTS_SIGNATURES);
    if (supportsSignatures == null) {
        // No explicit option: signature support stays on.
        return true;
    }
    // A value that is not a Boolean fails this cast with a ClassCastException.
    return (Boolean) supportsSignatures;
}
/**
 * Decides whether signatures are ignored for the given request.
 *
 * <p>
 * The {@code GeneralConstants.IGNORE_SIGNATURES} request option is read first; an absent option
 * counts as {@code Boolean.FALSE}. A request that
 * {@code SAML2LogOutHandler.isBackChannelLogoutRequest} reports as a back-channel logout request
 * always yields {@code Boolean.TRUE}, whatever the option says.
 * </p>
 *
 * @param request the handler request whose options are consulted
 * @return {@code Boolean.TRUE} for back-channel logout requests, otherwise the option value or
 *         {@code Boolean.FALSE} when the option is absent
 */
private Boolean isIgnoreSignature(SAML2HandlerRequest request) {
    Object configured = request.getOptions().get(GeneralConstants.IGNORE_SIGNATURES);
    Boolean ignoreSignatures = configured == null ? Boolean.FALSE : (Boolean) configured;

    // TODO: check signatures for GLO logout requests when using a backchannel
    // NOTE(review): until that TODO is resolved, this flag tells callers to ignore signatures on
    // every back-channel logout request; confirm the back channel authenticates the sender by
    // some other means.
    return SAML2LogOutHandler.isBackChannelLogoutRequest(request) ? Boolean.TRUE : ignoreSignatures;
}
/**
 * Looks up a public key in the SSO metadata descriptor attached to the request.
 *
 * @param request the handler request; the descriptor is read from the
 *        {@code GeneralConstants.SSO_METADATA_DESCRIPTOR} option
 * @return the public key of the certificate that {@code SAMLMetadataUtil.getCertificate} returns
 *         for {@code KeyTypes.ENCRYPTION}, or {@code null} when the option is absent or no
 *         certificate is returned
 */
private PublicKey getPublicKeyFromMetadata(SAML2HandlerRequest request) {
    SSODescriptorType descriptor = (SSODescriptorType) request.getOptions().get(
            GeneralConstants.SSO_METADATA_DESCRIPTOR);
    if (descriptor == null) {
        return null;
    }

    // The lookup asks for the ENCRYPTION key type, so the result is presumably the peer's
    // encryption key. NOTE(review): confirm no caller uses it to verify signatures.
    X509Certificate encryptionCertificate = SAMLMetadataUtil.getCertificate(KeyTypes.ENCRYPTION, descriptor);

    // Only the key is extracted here; this method does no validity or trust check on the certificate.
    return encryptionCertificate == null ? null : encryptionCertificate.getPublicKey();
}
/**
 * Looks up a public key in the SSO metadata descriptor attached to the request.
 *
 * @param request the handler request; the descriptor is read from the
 *        {@code GeneralConstants.SSO_METADATA_DESCRIPTOR} option
 * @return the public key of the certificate that {@code SAMLMetadataUtil.getCertificate} returns
 *         for {@code KeyTypes.SIGNING}, or {@code null} when the option is absent or no
 *         certificate is returned
 */
private PublicKey getPublicKeyFromMetadata(SAML2HandlerRequest request) {
    SSODescriptorType descriptor = (SSODescriptorType) request.getOptions().get(
            GeneralConstants.SSO_METADATA_DESCRIPTOR);
    if (descriptor == null) {
        return null;
    }

    // The lookup asks for the SIGNING key type, i.e. presumably the key the peer signs with.
    X509Certificate signingCertificate = SAMLMetadataUtil.getCertificate(KeyTypes.SIGNING, descriptor);

    // Only the key is extracted here; this method does no validity or trust check on the certificate.
    return signingCertificate == null ? null : signingCertificate.getPublicKey();
}
/**
 * Looks up a public key in the SSO metadata descriptor attached to the request.
 *
 * @param request the handler request; the descriptor is read from the
 *        {@code GeneralConstants.SSO_METADATA_DESCRIPTOR} option
 * @return the public key of the certificate that {@code SAMLMetadataUtil.getCertificate} returns
 *         for {@code KeyTypes.ENCRYPTION}, or {@code null} when the option is absent or no
 *         certificate is returned
 */
private PublicKey getPublicKeyFromMetadata(SAML2HandlerRequest request) {
    SSODescriptorType descriptor = (SSODescriptorType) request.getOptions().get(
            GeneralConstants.SSO_METADATA_DESCRIPTOR);
    if (descriptor == null) {
        return null;
    }

    // The lookup asks for the ENCRYPTION key type, so the result is presumably the peer's
    // encryption key. NOTE(review): confirm no caller uses it to verify signatures.
    X509Certificate encryptionCertificate = SAMLMetadataUtil.getCertificate(KeyTypes.ENCRYPTION, descriptor);

    // Only the key is extracted here; this method does no validity or trust check on the certificate.
    return encryptionCertificate == null ? null : encryptionCertificate.getPublicKey();
}
/**
 * Decides whether signatures are ignored for the given request.
 *
 * <p>
 * The {@code GeneralConstants.IGNORE_SIGNATURES} request option is read first; an absent option
 * counts as {@code Boolean.FALSE}. A request that
 * {@code SAML2LogOutHandler.isBackChannelLogoutRequest} reports as a back-channel logout request
 * always yields {@code Boolean.TRUE}, whatever the option says.
 * </p>
 *
 * @param request the handler request whose options are consulted
 * @return {@code Boolean.TRUE} for back-channel logout requests, otherwise the option value or
 *         {@code Boolean.FALSE} when the option is absent
 */
private Boolean isIgnoreSignature(SAML2HandlerRequest request) {
    Object configured = request.getOptions().get(GeneralConstants.IGNORE_SIGNATURES);
    Boolean ignoreSignatures = configured == null ? Boolean.FALSE : (Boolean) configured;

    // TODO: check signatures for GLO logout requests when using a backchannel
    // NOTE(review): until that TODO is resolved, this flag tells callers to ignore signatures on
    // every back-channel logout request; confirm the back channel authenticates the sender by
    // some other means.
    return SAML2LogOutHandler.isBackChannelLogoutRequest(request) ? Boolean.TRUE : ignoreSignatures;
}
/**
 * Returns the sender's public key taken from the {@code GeneralConstants.SENDER_PUBLIC_KEY}
 * request option.
 *
 * <p>
 * When the option is absent, the exception built by {@code logger.nullArgumentError} is thrown
 * instead of returning {@code null}.
 * </p>
 *
 * @param request the handler request whose options carry the key
 * @return the configured sender key, never {@code null}
 */
private PublicKey getSenderPublicKey(SAML2HandlerRequest request) {
    PublicKey senderKey = (PublicKey) request.getOptions().get(GeneralConstants.SENDER_PUBLIC_KEY);
    if (senderKey != null) {
        return senderKey;
    }
    // No key available: raise rather than hand a null key to the caller.
    throw logger.nullArgumentError("Sender Public Key");
}
/**
 * Looks up a public key in the SSO metadata descriptor attached to the request.
 *
 * @param request the handler request; the descriptor is read from the
 *        {@code GeneralConstants.SSO_METADATA_DESCRIPTOR} option
 * @return the public key of the certificate that {@code SAMLMetadataUtil.getCertificate} returns
 *         for {@code KeyTypes.SIGNING}, or {@code null} when the option is absent or no
 *         certificate is returned
 */
private PublicKey getPublicKeyFromMetadata(SAML2HandlerRequest request) {
    SSODescriptorType descriptor = (SSODescriptorType) request.getOptions().get(
            GeneralConstants.SSO_METADATA_DESCRIPTOR);
    if (descriptor == null) {
        return null;
    }

    // The lookup asks for the SIGNING key type, i.e. presumably the key the peer signs with.
    X509Certificate signingCertificate = SAMLMetadataUtil.getCertificate(KeyTypes.SIGNING, descriptor);

    // Only the key is extracted here; this method does no validity or trust check on the certificate.
    return signingCertificate == null ? null : signingCertificate.getPublicKey();
}
/**
 * Resolves the sender's public key, preferring the key published in metadata.
 *
 * <p>
 * The key returned by {@code getPublicKeyFromMetadata} wins when it is present; otherwise the
 * {@code GeneralConstants.SENDER_PUBLIC_KEY} request option is used. When neither source yields a
 * key, the exception built by {@code logger.nullArgumentError} is thrown.
 * </p>
 *
 * @param request the handler request whose metadata and options are consulted
 * @return the resolved sender key, never {@code null}
 */
private PublicKey getSenderPublicKey(SAML2HandlerRequest request) {
    // NOTE(review): which key use (signing or encryption) the metadata lookup selects is decided
    // in getPublicKeyFromMetadata; confirm it matches what this key is used for.
    PublicKey metadataKey = getPublicKeyFromMetadata(request);
    if (metadataKey != null) {
        return metadataKey;
    }

    PublicKey optionKey = (PublicKey) request.getOptions().get(GeneralConstants.SENDER_PUBLIC_KEY);
    if (optionKey == null) {
        // Neither source produced a key: raise rather than return null.
        throw logger.nullArgumentError("Sender Public Key");
    }
    return optionKey;
}
/**
 * Decides whether the POST binding is used for the response sent to a participant.
 *
 * <p>
 * The result is {@code true} when the binding flag that {@code server.stack().getBinding} returns
 * for the participant is {@code TRUE} or {@code null}, or when the
 * {@code GeneralConstants.SAML_IDP_STRICT_POST_BINDING} request option is {@code TRUE}.
 * </p>
 *
 * @param server the identity server whose stack holds the participant's binding flag
 * @param participant the participant to look up
 * @param request the handler request whose options are consulted
 * @return {@code true} when either flag is set as described above
 */
private boolean isPostBindingForResponse(IdentityServer server, String participant, SAML2HandlerRequest request) {
    Boolean participantFlag = server.stack().getBinding(participant);
    // A null flag (nothing recorded for the participant) defaults to TRUE.
    boolean postParticipant = participantFlag == null || participantFlag;

    Boolean strictOption = (Boolean) request.getOptions().get(GeneralConstants.SAML_IDP_STRICT_POST_BINDING);
    // An absent strict-POST option defaults to FALSE.
    boolean strictPost = strictOption != null && strictOption;

    return postParticipant || strictPost;
}
}
/**
 * Decides whether the POST binding is used for the response sent to a participant.
 *
 * <p>
 * The result is {@code true} when the binding flag that {@code server.stack().getBinding} returns
 * for the participant is {@code TRUE} or {@code null}, or when the
 * {@code GeneralConstants.SAML_IDP_STRICT_POST_BINDING} request option is {@code TRUE}.
 * </p>
 *
 * @param server the identity server whose stack holds the participant's binding flag
 * @param participant the participant to look up
 * @param request the handler request whose options are consulted
 * @return {@code true} when either flag is set as described above
 */
private boolean isPostBindingForResponse(IdentityServer server, String participant, SAML2HandlerRequest request) {
    Boolean participantFlag = server.stack().getBinding(participant);
    // A null flag (nothing recorded for the participant) defaults to TRUE.
    boolean postParticipant = participantFlag == null || participantFlag;

    Boolean strictOption = (Boolean) request.getOptions().get(GeneralConstants.SAML_IDP_STRICT_POST_BINDING);
    // An absent strict-POST option defaults to FALSE.
    boolean strictPost = strictOption != null && strictOption;

    return postParticipant || strictPost;
}
}
/**
 * Decides whether the POST binding is used for the response sent to a participant.
 *
 * <p>
 * The result is {@code true} when the binding flag that {@code server.stack().getBinding} returns
 * for the participant is {@code TRUE} or {@code null}, or when the
 * {@code GeneralConstants.SAML_IDP_STRICT_POST_BINDING} request option is {@code TRUE}.
 * </p>
 *
 * @param server the identity server whose stack holds the participant's binding flag
 * @param participant the participant to look up
 * @param request the handler request whose options are consulted
 * @return {@code true} when either flag is set as described above
 */
private boolean isPostBindingForResponse(IdentityServer server, String participant, SAML2HandlerRequest request) {
    Boolean participantFlag = server.stack().getBinding(participant);
    // A null flag (nothing recorded for the participant) defaults to TRUE.
    boolean postParticipant = participantFlag == null || participantFlag;

    Boolean strictOption = (Boolean) request.getOptions().get(GeneralConstants.SAML_IDP_STRICT_POST_BINDING);
    // An absent strict-POST option defaults to FALSE.
    boolean strictPost = strictOption != null && strictOption;

    return postParticipant || strictPost;
}
}
/**
 * Resolves the sender's public key, preferring the key published in metadata.
 *
 * <p>
 * The key returned by {@code getPublicKeyFromMetadata} wins when it is present; otherwise the
 * {@code GeneralConstants.SENDER_PUBLIC_KEY} request option is used. When neither source yields a
 * key, the exception built by {@code logger.nullArgumentError} is thrown.
 * </p>
 *
 * @param request the handler request whose metadata and options are consulted
 * @return the resolved sender key, never {@code null}
 */
private PublicKey getSenderPublicKey(SAML2HandlerRequest request) {
    // NOTE(review): which key use (signing or encryption) the metadata lookup selects is decided
    // in getPublicKeyFromMetadata; confirm it matches what this key is used for.
    PublicKey metadataKey = getPublicKeyFromMetadata(request);
    if (metadataKey != null) {
        return metadataKey;
    }

    PublicKey optionKey = (PublicKey) request.getOptions().get(GeneralConstants.SENDER_PUBLIC_KEY);
    if (optionKey == null) {
        // Neither source produced a key: raise rather than return null.
        throw logger.nullArgumentError("Sender Public Key");
    }
    return optionKey;
}
/**
 * Determines the URL under which a participant is registered with the IdentityServer.
 *
 * @param destination the fallback URL, returned unchanged when the request carries no SP metadata
 * @param request the handler request; SP metadata is read from the
 *        {@code GeneralConstants.SP_SSO_METADATA_DESCRIPTOR} option
 * @return {@code destination} when no metadata is present; {@code null} when the metadata lists no
 *         single-logout endpoint; otherwise the location of the first single-logout endpoint as an
 *         ASCII string
 */
private String getParticipantURL(String destination, SAML2HandlerRequest request) {
    SPSSODescriptorType spMetadata = (SPSSODescriptorType) request.getOptions().get(
            GeneralConstants.SP_SSO_METADATA_DESCRIPTOR);

    if (spMetadata == null) {
        // Metadata not found. The destination is used for registration to the IdentityServer.
        // NOTE(review): the destination is returned as given; presumably the caller has already
        // validated it - confirm.
        return destination;
    }

    List<EndpointType> sloEndpoints = spMetadata.getSingleLogoutService();
    boolean hasLogoutEndpoint = sloEndpoints != null && !sloEndpoints.isEmpty();
    if (!hasLogoutEndpoint) {
        // Without an endpoint we assume that the SP doesn't support the logout profile.
        return null;
    }

    // Use the first endpoint for now (maybe later the logout type can be chosen according to the
    // binding type from the SAMLRequest).
    return sloEndpoints.get(0).getLocation().toASCIIString();
}
/**
 * Resolves the sender's public key, preferring the key published in metadata.
 *
 * <p>
 * The key returned by {@code getPublicKeyFromMetadata} wins when it is present; otherwise the
 * {@code GeneralConstants.SENDER_PUBLIC_KEY} request option is used. When neither source yields a
 * key, the exception built by {@code logger.nullArgumentError} is thrown.
 * </p>
 *
 * @param request the handler request whose metadata and options are consulted
 * @return the resolved sender key, never {@code null}
 */
private PublicKey getSenderPublicKey(SAML2HandlerRequest request) {
    // NOTE(review): which key use (signing or encryption) the metadata lookup selects is decided
    // in getPublicKeyFromMetadata; confirm it matches what this key is used for.
    PublicKey metadataKey = getPublicKeyFromMetadata(request);
    if (metadataKey != null) {
        return metadataKey;
    }

    PublicKey optionKey = (PublicKey) request.getOptions().get(GeneralConstants.SENDER_PUBLIC_KEY);
    if (optionKey == null) {
        // Neither source produced a key: raise rather than return null.
        throw logger.nullArgumentError("Sender Public Key");
    }
    return optionKey;
}
/**
 * Resolves the sender's public key, preferring the key published in metadata.
 *
 * <p>
 * The key returned by {@code getPublicKeyFromMetadata} wins when it is present; otherwise the
 * {@code GeneralConstants.SENDER_PUBLIC_KEY} request option is used. When neither source yields a
 * key, the exception built by {@code logger.nullArgumentError} is thrown.
 * </p>
 *
 * @param request the handler request whose metadata and options are consulted
 * @return the resolved sender key, never {@code null}
 */
private PublicKey getSenderPublicKey(SAML2HandlerRequest request) {
    // NOTE(review): which key use (signing or encryption) the metadata lookup selects is decided
    // in getPublicKeyFromMetadata; confirm it matches what this key is used for.
    PublicKey metadataKey = getPublicKeyFromMetadata(request);
    if (metadataKey != null) {
        return metadataKey;
    }

    PublicKey optionKey = (PublicKey) request.getOptions().get(GeneralConstants.SENDER_PUBLIC_KEY);
    if (optionKey == null) {
        // Neither source produced a key: raise rather than return null.
        throw logger.nullArgumentError("Sender Public Key");
    }
    return optionKey;
}
/**
 * Copies the ID of the authentication request being generated into the HTTP session.
 *
 * <p>
 * Nothing happens unless the request to be generated is of type {@code AUTH} and this handler is
 * not of type {@code HANDLER_TYPE.IDP}.
 * </p>
 *
 * @param request the handler request; the ID is read from its
 *        {@code GeneralConstants.AUTH_REQUEST_ID} option
 * @param response the handler response (not used by this method)
 * @throws ProcessingException declared by the overridden method
 */
@Override
public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response)
        throws ProcessingException {
    boolean authRequest =
            SAML2HandlerRequest.GENERATE_REQUEST_TYPE.AUTH == request.getTypeOfRequestToBeGenerated();
    if (!authRequest || getType() == HANDLER_TYPE.IDP) {
        return;
    }

    // Determine the ID of the request; SAML2AuthenticationHandler makes it available in the options.
    String authnRequestId = (String) request.getOptions().get(GeneralConstants.AUTH_REQUEST_ID);

    // Save it into the session for later use.
    // NOTE(review): presumably a later response is matched against this stored ID - confirm.
    HttpSession session = BaseSAML2Handler.getHttpSession(request);
    session.setAttribute(GeneralConstants.AUTH_REQUEST_ID, authnRequestId);
    logger.trace("ID of authentication request " + authnRequestId + " saved into HTTP session.");
}
/**
 * Copies the ID of the authentication request being generated into the HTTP session.
 *
 * <p>
 * Nothing happens unless the request to be generated is of type {@code AUTH} and this handler is
 * not of type {@code HANDLER_TYPE.IDP}.
 * </p>
 *
 * @param request the handler request; the ID is read from its
 *        {@code GeneralConstants.AUTH_REQUEST_ID} option
 * @param response the handler response (not used by this method)
 * @throws ProcessingException declared by the overridden method
 */
@Override
public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response)
        throws ProcessingException {
    boolean authRequest =
            SAML2HandlerRequest.GENERATE_REQUEST_TYPE.AUTH == request.getTypeOfRequestToBeGenerated();
    if (!authRequest || getType() == HANDLER_TYPE.IDP) {
        return;
    }

    // Determine the ID of the request; SAML2AuthenticationHandler makes it available in the options.
    String authnRequestId = (String) request.getOptions().get(GeneralConstants.AUTH_REQUEST_ID);

    // Save it into the session for later use.
    // NOTE(review): presumably a later response is matched against this stored ID - confirm.
    HttpSession session = BaseSAML2Handler.getHttpSession(request);
    session.setAttribute(GeneralConstants.AUTH_REQUEST_ID, authnRequestId);
    logger.trace("ID of authentication request " + authnRequestId + " saved into HTTP session.");
}
/**
 * Copies the ID of the authentication request being generated into the HTTP session.
 *
 * <p>
 * Nothing happens unless the request to be generated is of type {@code AUTH} and this handler is
 * not of type {@code HANDLER_TYPE.IDP}.
 * </p>
 *
 * @param request the handler request; the ID is read from its
 *        {@code GeneralConstants.AUTH_REQUEST_ID} option
 * @param response the handler response (not used by this method)
 * @throws ProcessingException declared by the overridden method
 */
@Override
public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response)
        throws ProcessingException {
    boolean authRequest =
            SAML2HandlerRequest.GENERATE_REQUEST_TYPE.AUTH == request.getTypeOfRequestToBeGenerated();
    if (!authRequest || getType() == HANDLER_TYPE.IDP) {
        return;
    }

    // Determine the ID of the request; SAML2AuthenticationHandler makes it available in the options.
    String authnRequestId = (String) request.getOptions().get(GeneralConstants.AUTH_REQUEST_ID);

    // Save it into the session for later use.
    // NOTE(review): presumably a later response is matched against this stored ID - confirm.
    HttpSession session = BaseSAML2Handler.getHttpSession(request);
    session.setAttribute(GeneralConstants.AUTH_REQUEST_ID, authnRequestId);
    logger.trace("ID of authentication request " + authnRequestId + " saved into HTTP session.");
}