Examples of org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType

• org.jboss.seam.security.external.jaxb.samlv2.protocol.AuthnRequestType
  3.org/2001/XMLSchema}boolean" /> <attribute name="IsPassive" type="{http://www.w3.org/2001/XMLSchema}boolean" /> <attribute name="ProtocolBinding" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> <attribute name="AssertionConsumerServiceIndex" type="{http://www.w3.org/2001/XMLSchema}unsignedShort" /> <attribute name="AssertionConsumerServiceURL" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> <attribute name="AttributeConsumingServiceIndex" type="{http://www.w3.org/2001/XMLSchema}unsignedShort" /> <attribute name="ProviderName" type="{http://www.w3.org/2001/XMLSchema}string" /> </extension> </complexContent> </complexType>

   protected void sendErrorResponseToSP(String referrer, Response response, String relayState,
         IDPWebRequestUtil webRequestUtil) throws ServletException, IOException, ConfigurationException
   {
      log.trace("About to send error response to SP:" + referrer);

      ResponseType errorResponseType =
         webRequestUtil.getErrorResponse(referrer, JBossSAMLURIConstants.STATUS_RESPONDER.get(),
               this.identityURL);
      try
      {
         if(this.supportSignature)

         byte[] base64DecodedResponse = Base64.decode(samlResponse);
         InputStream is = DeflateUtil.decode(base64DecodedResponse);

         SAML2Response saml2Response = new SAML2Response();

         ResponseType responseType;
         try
         {
            responseType = saml2Response.getResponseType(is);
         }
         catch (JAXBException e)
         {
            throw new ParsingException(e);
         }
         catch (SAXException e)
         {
            throw new ParsingException(e);
         }

         this.isTrusted(responseType.getIssuer().getValue());

         List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
         if(assertions.size() == 0)
            throw new IllegalStateException("No assertions in reply from IDP");

         Object assertion = assertions.get(0);
         if(assertion instanceof EncryptedElementType)

   protected ResponseType getResponse(Request request, Principal userPrincipal)
   throws ParsingException, ConfigurationException, ProcessingException
   {
      SAML2Response saml2Response = new SAML2Response();

      ResponseType responseType =  super.getResponse(request, userPrincipal);

      //If there is a configuration to encrypt
      if(this.idpConfiguration.isEncrypt())
      {
         //Need to encrypt the assertion
         String sp = responseType.getDestination();
         if(sp == null)
            throw new IllegalStateException("Unable to handle encryption as SP url is null");
         try
         {
            URL spurl = new URL(sp);
            PublicKey publicKey = keyManager.getValidatingKey(spurl.getHost());
            EncryptionType enc = idpConfiguration.getEncryption();
            if(enc == null)
               throw new IllegalStateException("EncryptionType not configured");
            String encAlgo = enc.getEncAlgo().value();
            int keyLength = enc.getKeySize();
            //Generate a key on the fly
            SecretKey sk = keyManager.getEncryptionKey(spurl.getHost(), encAlgo, keyLength);

            StringWriter sw = new StringWriter();
            saml2Response.marshall(responseType, sw);

            Document responseDoc = DocumentUtil.getDocument(new StringReader(sw.toString()));

            String assertionNS = JBossSAMLURIConstants.ASSERTION_NSURI.get();

            QName assertionQName = new QName(assertionNS, "EncryptedAssertion", "saml");

            Element encAssertion = XMLEncryptionUtil.encryptElementInDocument(responseDoc,
                            publicKey, sk, keyLength, assertionQName, true);


            EncryptedElementType eet = saml2Response.getEncryptedAssertion(DocumentUtil.getNodeAsStream(encAssertion));
            responseType.getAssertionOrEncryptedAssertion().set(0, eet);
         }
         catch (MalformedURLException e)
         {
            // TODO Auto-generated catch block
            e.printStackTrace();

         long assertionValidity)
   throws ConfigurationException, IssueInstantMissingException
   {
      log.trace("AssertionConsumerURL=" + assertionConsumerURL +
            "::assertion validity=" + assertionValidity);
      ResponseType responseType = null;

      SAML2Response saml2Response = new SAML2Response();

      //Create a response type
      String id = IDGenerator.create("ID_");

      IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
      issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

      IDPInfoHolder idp = new IDPInfoHolder();
      idp.setNameIDFormatValue(userPrincipal.getName());
      idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

      SPInfoHolder sp = new SPInfoHolder();
      sp.setResponseDestinationURI(assertionConsumerURL);
      responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);


      //Add information on the roles
      AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);

      AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles);
      assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);

      //Add timed conditions

    * @throws ConfigurationException
    */
   public ResponseType getErrorResponse(String responseURL, String status,
         String identityURL)
   {
      ResponseType responseType = null;

      SAML2Response saml2Response = new SAML2Response();

      //Create a response type
      String id = IDGenerator.create("ID_");

         byte[] base64DecodedResponse = PostBindingUtil.base64Decode(samlResponse);
         InputStream is = new ByteArrayInputStream(base64DecodedResponse);

         SAML2Response saml2Response = new SAML2Response();

         ResponseType responseType = saml2Response.getResponseType(is);

         this.isTrusted(responseType.getIssuer().getValue());

         List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
         if(assertions.size() == 0)
            throw new IllegalStateException("No assertions in reply from IDP");

         Object assertion = assertions.get(0);
         if(assertion instanceof EncryptedElementType)

      if(request == null)
         throw new IllegalArgumentException("request is null");
      if(responseType == null)
         throw new IllegalArgumentException("response type is null");

      StatusType statusType = responseType.getStatus();
      if(statusType == null)
         throw new IllegalArgumentException("Status Type from the IDP is null");

      String statusValue = statusType.getStatusCode().getValue();
      if(JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(statusValue) == false)
         throw new SecurityException("IDP forbid the user");

      List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
      if(assertions.size() == 0)

        try {
            samlRequest.setDestination(endpoint.getLocation());

            JAXBElement<?> requestElement;
            if (samlRequest instanceof AuthnRequestType) {
                AuthnRequestType authnRequest = (AuthnRequestType) samlRequest;
                requestElement = new ObjectFactory().createAuthnRequest(authnRequest);
            } else if (samlRequest instanceof LogoutRequestType) {
                LogoutRequestType logoutRequest = (LogoutRequestType) samlRequest;
                requestElement = new ObjectFactory().createLogoutRequest(logoutRequest);
            } else {

        return response;
    }

    public AuthnRequestType createAuthnRequest() {
        AuthnRequestType authnRequest = objectFactory.createAuthnRequestType();

        fillRequestAbstractTypeFields(authnRequest);

        // Fill in the optional fields that indicate where and how the response
        // should be delivered.
        authnRequest.setAssertionConsumerServiceURL(samlEntityBean.get().getServiceURL(SamlServiceType.SAML_ASSERTION_CONSUMER_SERVICE));
        authnRequest.setProtocolBinding(SamlConstants.HTTP_POST_BINDING);

        return authnRequest;
    }

            samlServiceProviderSpi.get().loginSucceeded(session, responseHandler.createResponseHolder(response));
        }
    }

    public void sendAuthenticationRequestToIDP(SamlExternalIdentityProvider idp, HttpServletResponse response) {
        AuthnRequestType authnRequest = samlMessageFactory.createAuthnRequest();

        samlDialogue.setExternalProvider(idp);

        samlMessageSender.sendRequest(idp, SamlProfile.SINGLE_SIGN_ON, authnRequest, response);
    }