Package org.jboss.identity.federation.api.saml.v2.metadata

Examples of org.jboss.identity.federation.api.saml.v2.metadata.KeyDescriptorMetaDataBuilder

209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
        
         //Place the xacml statement in an assertion
         //Then the assertion goes inside a SAML Response
        
         String ID = IDGenerator.create("ID_");
         SAML2Response saml2Response = new SAML2Response();
         IssuerInfoHolder issuerInfo = new IssuerInfoHolder(this.issuer);
        
         List<StatementAbstractType> statements = new ArrayList<StatementAbstractType>();
         statements.add(xacmlStatement);
        
         AssertionType assertion = SAMLAssertionFactory.createAssertion(ID,
               issuerInfo.getIssuer(),
               XMLTimeUtil.getIssueInstant(),
               null,
               null,
               statements);
   
         JAXBElement<?> jaxbResponse = JAXBElementMappingUtil.get(saml2Response.createResponseType(ID, issuerInfo, assertion));
        
         //Create a SOAP Envelope to hold the SAML response
         envelope = this.createEnvelope(jaxbResponse);
      }
      catch (JAXBException e)
View Full Code Here
221
222
223
224
225
226
227
228
229
230
231
232
233
   protected void send(ResponseType responseType, String relayState, Response response)
   throws ParsingException, ProcessingException
   {
      try
      {
         SAML2Response saml2Response = new SAML2Response();
            ByteArrayOutputStream baos = new ByteArrayOutputStream();
            saml2Response.marshall(responseType, baos);

            String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray());

            String destination = responseType.getDestination();
            if(trace) log.trace("IDP:Destination=" + destination);
View Full Code Here
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
         {
            log.trace(e);
         }
         log.trace("IDPRedirectValve::AuthnRequest="+sw.toString());
      }
      SAML2Response saml2Response = new SAML2Response();
           
      //Create a response type
      String id = IDGenerator.create("ID_");

      IssuerInfoHolder issuerHolder = new IssuerInfoHolder(this.identityURL);
      issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

      IDPInfoHolder idp = new IDPInfoHolder();
      idp.setNameIDFormatValue(userPrincipal.getName());
      idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

      SPInfoHolder sp = new SPInfoHolder();
      sp.setResponseDestinationURI(authnRequestType.getAssertionConsumerServiceURL());
      responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);
      //Add information on the roles
      List<String> roles = rg.generateRoles(userPrincipal);
      AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);

      AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles);
      assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);
     
      //Add timed conditions
      try
      {
         saml2Response.createTimedConditions(assertion, this.assertionValidity);
      }
      catch (IssueInstantMissingException e1)
      {
         log.error(e1);
      }
      //Lets see how the response looks like
      if(log.isTraceEnabled())
      {
         StringWriter sw = new StringWriter();
         try
         {
            saml2Response.marshall(responseType, sw);
         }
         catch (JAXBException e)
         {
            log.trace(e);
         }
View Full Code Here
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
   {
      try
      {
         ResponseType responseType = null;
        
         SAML2Response saml2Response = new SAML2Response();
              
         //Create a response type
         String id = IDGenerator.create("ID_");

         IssuerInfoHolder issuerHolder = new IssuerInfoHolder(this.identityURL);
         issuerHolder.setStatusCode(status);
        
         IDPInfoHolder idp = new IDPInfoHolder();
         idp.setNameIDFormatValue(null);
         idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

         SPInfoHolder sp = new SPInfoHolder();
         sp.setResponseDestinationURI(responseURL);
         responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);

         //Lets see how the response looks like
         if(log.isTraceEnabled())
         {
            log.trace("ResponseType = ");
            StringWriter sw = new StringWriter();
            saml2Response.marshall(responseType, sw);
            log.trace("IDPRedirectValve::Response="+sw.toString());
         }

         return responseType;      
     
View Full Code Here
247
248
249
250
251
252
253
254
255
256
257
258
259
        
         //deal with SAML response from IDP
         byte[] base64DecodedResponse = Base64.decode(samlResponse);
         InputStream is = DeflateUtil.decode(base64DecodedResponse);

         SAML2Response saml2Response = new SAML2Response();
        
         ResponseType responseType = saml2Response.getResponseType(is);
                 
         this.isTrusted(responseType.getIssuer().getValue());
        
         List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
         if(assertions.size() == 0)
View Full Code Here
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
   protected ResponseType decryptAssertion(ResponseType responseType)
   throws IOException, GeneralSecurityException, ConfigurationException, ParsingException
   {
      try
      {
         SAML2Response saml2Response = new SAML2Response();
         PrivateKey privateKey = keyManager.getSigningKey();
        
         EncryptedElementType myEET = (EncryptedElementType) responseType.getAssertionOrEncryptedAssertion().get(0);
         Document eetDoc = saml2Response.convert(myEET);
        
         Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(eetDoc,privateKey);
        
         //Let us use the encrypted doc element to decrypt it
         return  saml2Response.getResponseType(DocumentUtil.getNodeAsStream(decryptedDocumentElement));   
      }
      catch (JAXBException e)
      {
         throw new ConfigurationException(e);
      }
View Full Code Here
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
        
         //deal with SAML response from IDP
         byte[] base64DecodedResponse = PostBindingUtil.base64Decode(samlResponse);
         InputStream is = new ByteArrayInputStream(base64DecodedResponse);

         SAML2Response saml2Response = new SAML2Response();
        
         ResponseType responseType = saml2Response.getResponseType(is);
        
         SAMLDocumentHolder samlDocumentHolder = saml2Response.getSamlDocumentHolder();
        
         boolean validSignature = this.verifySignature(samlDocumentHolder);
        
         if(validSignature == false)
            throw new IssuerNotTrustedException("Signature in saml document is invalid");
View Full Code Here
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
  
   @Override
   protected ResponseType getResponse(Request request, Principal userPrincipal)
   throws ParsingException, ConfigurationException, ProcessingException
   {
      SAML2Response saml2Response = new SAML2Response();
     
      ResponseType responseType =  super.getResponse(request, userPrincipal);
    
      //If there is a configuration to encrypt
      if(this.idpConfiguration.isEncrypt())
      {
         //Need to encrypt the assertion
         String sp = responseType.getDestination();
         if(sp == null)
            throw new IllegalStateException("Unable to handle encryption as SP url is null");
         try
         {
            URL spurl = new URL(sp);
            PublicKey publicKey = keyManager.getValidatingKey(spurl.getHost());
            EncryptionType enc = idpConfiguration.getEncryption();
            if(enc == null)
               throw new IllegalStateException("EncryptionType not configured");
            String encAlgo = enc.getEncAlgo().value();
            int keyLength = enc.getKeySize();
            //Generate a key on the fly
            SecretKey sk = keyManager.getEncryptionKey(spurl.getHost(), encAlgo, keyLength);
           
            StringWriter sw = new StringWriter();
            saml2Response.marshall(responseType, sw);
           
            Document responseDoc = DocumentUtil.getDocument(new StringReader(sw.toString()))
     
            String assertionNS = JBossSAMLURIConstants.ASSERTION_NSURI.get();
           
            QName assertionQName = new QName(assertionNS, "EncryptedAssertion", "saml");
           
            Element encAssertion = XMLEncryptionUtil.encryptElementInDocument(responseDoc,
                            publicKey, sk, keyLength, assertionQName, true);
           
           
            EncryptedElementType eet = saml2Response.getEncryptedAssertion(DocumentUtil.getNodeAsStream(encAssertion));
            responseType.getAssertionOrEncryptedAssertion().set(0, eet);
         }
         catch (MalformedURLException e)
         {
            throw new ParsingException(e);
         }
         catch (JAXBException e)
         {
            throw new ParsingException(e);
         }
         catch (SAXException e)
         {
            throw new ParsingException(e);
         }
         catch (ParserConfigurationException e)
         {
            throw new ConfigurationException(e);
         }
         catch (IOException e)
         {
            throw new ProcessingException(e);
         }
         catch (TransformerFactoryConfigurationError e)
         {
            throw new ConfigurationException(e);
         }
         catch (TransformerException e)
         {
            throw new ProcessingException(e);
         }
         catch (Exception e)
         {
            throw new ProcessingException(e);
         }
      }
      //Lets see how the response looks like
      if(log.isTraceEnabled())
      {
         StringWriter sw = new StringWriter();
         try
         {
            saml2Response.marshall(responseType, sw);
         }
         catch (JAXBException e)
         {
            if(trace) log.trace(e);
         }
View Full Code Here
187
188
189
190
191
192
193
194
195
196
197
198
         log.trace("Support Sig=" + supportSignature + " ::Post Profile?=" + hasSAMLRequestInPostProfile());
      if(supportSignature && hasSAMLRequestInPostProfile())
      {
         try
         {
            SAML2Signature saml2Signature = new SAML2Signature();
            samlResponseDocument = saml2Signature.sign(responseType, keyManager.getSigningKeyPair());
        
         catch (Exception e)
         { 
            if(trace) log.trace(e);
         }
View Full Code Here
410
411
412
413
414
415
416
417
418
419
420
421
            String algo = keyManager.getSigningKey().getAlgorithm();
            String sigAlg = SignatureUtil.getXMLSignatureAlgorithmURI(algo);
           
            sigAlg = URLEncoder.encode(sigAlg, "UTF-8");
            
            SAML2Signature ss = new SAML2Signature();
            samlResponse = ss.sign(responseType, keyManager.getSigningKeyPair());
         }
         catch (Exception e)
         {
            if(trace) log.trace(e);
         }
View Full Code Here
TOP

Related Classes of org.jboss.identity.federation.api.saml.v2.metadata.KeyDescriptorMetaDataBuilder

  • org.jboss.identity.federation.api.saml.v2.request.SAML2Request
  • org.jboss.identity.federation.api.saml.v2.response.SAML2Response
  • org.jboss.identity.federation.api.saml.v2.sig.SAML2Signature
  • org.jboss.identity.federation.bindings.servlets.SOAPSAMLXACMLServlet
  • org.jboss.identity.federation.bindings.tomcat.idp.IDPRedirectValve
  • org.jboss.identity.federation.bindings.tomcat.idp.IDPRedirectWithSignatureValve
  • org.jboss.identity.federation.bindings.tomcat.idp.IDPWebRequestUtil
  • org.jboss.identity.federation.bindings.tomcat.sp.SPPostFormAuthenticator
  • org.jboss.identity.federation.bindings.tomcat.sp.SPPostSignatureFormAuthenticator
  • org.jboss.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.