/**
 * Static factory for the ECP flavour of {@link SamlAuthenticationHandler}.
 *
 * @param facade       HTTP request/response facade the handler will work on
 * @param deployment   SAML deployment configuration handed to the handler
 * @param sessionStore session store handed to the handler
 * @return a new {@code EcpAuthenticationHandler} built from the three arguments
 */
public static SamlAuthenticationHandler create(HttpFacade facade, SamlDeployment deployment, SamlSessionStore sessionStore) {
    SamlAuthenticationHandler ecpHandler = new EcpAuthenticationHandler(facade, deployment, sessionStore);
    return ecpHandler;
}
/**
 * Picks the authentication handler for the current request.
 *
 * <p>The ECP handler is used only when {@code EcpAuthenticationHandler.canHandle}
 * accepts the request; every other request gets the web browser SSO handler.
 * NOTE(review): the selection criteria live in {@code canHandle}, which is not shown
 * here. They are presumably derived from the incoming (client-controlled) request,
 * so confirm that both handlers apply equivalent validation.
 *
 * @param facade       HTTP request/response facade for the current exchange
 * @param deployment   SAML deployment configuration
 * @param sessionStore session store passed through to the chosen handler
 * @return the ECP handler when it can handle the request, otherwise the browser handler
 */
protected SamlAuthenticationHandler createAuthenticationHandler(HttpFacade facade, SamlDeployment deployment, SamlSessionStore sessionStore) {
    boolean ecpRequest = EcpAuthenticationHandler.canHandle(facade);

    if (!ecpRequest) {
        // defaults to the web browser sso profile
        return createBrowserHandler(facade, deployment, sessionStore);
    }

    return EcpAuthenticationHandler.create(facade, deployment, sessionStore);
}
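/**
 * Handles one leg of the ECP (PAOS) exchange.
 *
 * <p>When the request carries the PAOS header, processing is delegated to
 * {@code doHandle} with an empty invocation context. Otherwise the request body is
 * parsed as a SOAP message, the first element of the SOAP body is copied into a
 * standalone document, base64-encoded and handed to {@code doHandle} through a
 * {@code SamlInvocationContext}.
 *
 * @param onCreateSession callback forwarded unchanged to {@code doHandle}
 * @return the outcome reported by {@code doHandle}
 * @throws RuntimeException if the SOAP message cannot be read or processed, or if its
 *         body contains no element
 */
@Override
public AuthOutcome handle(OnSessionCreated onCreateSession) {
    String header = facade.getRequest().getHeader(PAOS_HEADER);

    if (header != null) {
        return doHandle(new SamlInvocationContext(), onCreateSession);
    }

    try {
        // The request body is supplied by the client and must be treated as untrusted.
        // NOTE(review): whether DOCTYPE declarations / external entities are rejected
        // depends on the SAAJ implementation behind MessageFactory; confirm that the
        // deployed provider is hardened against XXE.
        MessageFactory messageFactory = MessageFactory.newInstance();
        SOAPMessage soapMessage = messageFactory.createMessage(null, facade.getRequest().getInputStream());
        SOAPBody soapBody = soapMessage.getSOAPBody();

        // getFirstChild() may return whitespace text or a comment when the envelope is
        // pretty-printed; neither is a usable document root, so skip to the first element.
        Node authnRequestNode = soapBody.getFirstChild();
        while (authnRequestNode != null && authnRequestNode.getNodeType() != Node.ELEMENT_NODE) {
            authnRequestNode = authnRequestNode.getNextSibling();
        }

        if (authnRequestNode == null) {
            // Fail with a clear cause instead of an opaque error from importNode(null).
            throw new IllegalStateException("SOAP body does not contain an element.");
        }

        Document document = DocumentUtil.createDocument();

        document.appendChild(document.importNode(authnRequestNode, true));

        String samlResponse = PostBindingUtil.base64Encode(DocumentUtil.asString(document));

        return doHandle(new SamlInvocationContext(null, samlResponse, null), onCreateSession);
    } catch (Exception e) {
        // Message kept as-is so callers and log matching see the same text as before.
        throw new RuntimeException("Error creating fault message.", e);
    }
}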
/**
 * Writes the AuthnRequest to the HTTP response wrapped in a SOAP envelope.
 *
 * <p>The envelope declares the SAML assertion, SAML protocol, PAOS binding and ECP
 * profile namespaces, carries the PAOS and ECP request headers, and holds the
 * post-bound AuthnRequest document in its body.
 *
 * @param httpFacade          facade whose response output stream receives the SOAP message
 * @param authnRequestBuilder builder that produces the AuthnRequest document
 * @param binding             binding builder applied to the AuthnRequest document
 * @throws RuntimeException if building or writing the SOAP message fails
 */
@Override
protected void sendAuthnRequest(HttpFacade httpFacade, SAML2AuthnRequestBuilder authnRequestBuilder, BaseSAML2BindingBuilder binding) {
    try {
        SOAPMessage soapMessage = MessageFactory.newInstance().createMessage();
        SOAPEnvelope soapEnvelope = soapMessage.getSOAPPart().getEnvelope();

        // Namespace prefixes used by the headers and the body added below.
        soapEnvelope.addNamespaceDeclaration(NS_PREFIX_SAML_ASSERTION, JBossSAMLURIConstants.ASSERTION_NSURI.get());
        soapEnvelope.addNamespaceDeclaration(NS_PREFIX_SAML_PROTOCOL, JBossSAMLURIConstants.PROTOCOL_NSURI.get());
        soapEnvelope.addNamespaceDeclaration(NS_PREFIX_PAOS_BINDING, JBossSAMLURIConstants.PAOS_BINDING.get());
        soapEnvelope.addNamespaceDeclaration(NS_PREFIX_PROFILE_ECP, JBossSAMLURIConstants.ECP_PROFILE.get());

        // Header blocks first, in the same order as before: PAOS request, then ECP request.
        createPaosRequestHeader(soapEnvelope);
        createEcpRequestHeader(soapEnvelope);

        // The SOAP body carries the AuthnRequest after the binding builder has processed it.
        soapEnvelope.getBody().addDocument(binding.postBinding(authnRequestBuilder.toDocument()).getDocument());

        soapMessage.writeTo(httpFacade.getResponse().getOutputStream());
    } catch (Exception e) {
        throw new RuntimeException("Could not create AuthnRequest.", e);
    }
}
/**
 * Adds the PAOS {@code Request} header block to the envelope's SOAP header.
 *
 * <p>The block is marked {@code mustUnderstand} and addressed to the "next" SOAP actor.
 * It advertises the ECP profile as {@code service} and this deployment's response
 * consumer URL as {@code responseConsumerURL}.
 *
 * @param envelope SOAP envelope whose header receives the new block
 * @throws SOAPException if the header block or one of its attributes cannot be created
 */
private void createPaosRequestHeader(SOAPEnvelope envelope) throws SOAPException {
    SOAPHeader soapHeader = envelope.getHeader();
    SOAPHeaderElement paosRequest = soapHeader.addHeaderElement(
            envelope.createQName(JBossSAMLConstants.REQUEST.get(), NS_PREFIX_PAOS_BINDING));

    // mustUnderstand=true: a receiver that does not implement PAOS has to fault rather
    // than silently ignore the block.
    paosRequest.setMustUnderstand(true);
    paosRequest.setActor("http://schemas.xmlsoap.org/soap/actor/next");

    paosRequest.addAttribute(envelope.createName("service"), JBossSAMLURIConstants.ECP_PROFILE.get());
    // NOTE(review): responseConsumerURL tells the client where to deliver the response;
    // getResponseConsumerUrl() is not shown here. Confirm that it is derived from
    // deployment configuration and not from request data.
    paosRequest.addAttribute(envelope.createName("responseConsumerURL"), getResponseConsumerUrl());
}