Examples of org.jboss.identity.federation.saml.v2.protocol.ResponseType

• org.jboss.identity.federation.saml.v2.protocol.ResponseType

  Java class for ResponseType complex type.

  The following schema fragment specifies the expected content contained within this class.

   <complexType name="ResponseType"> <complexContent> <extension base="{urn:oasis:names:tc:SAML:2.0:protocol}StatusResponseType"> <choice maxOccurs="unbounded" minOccurs="0"> <element ref="{urn:oasis:names:tc:SAML:2.0:assertion}Assertion"/> <element ref="{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedAssertion"/> </choice> </extension> </complexContent> </complexType> 

            try
            {
               SAML2Response saml2Response = new SAML2Response();

               ResponseType responseType = saml2Response.getResponseType(is);

               SAMLDocumentHolder samlDocumentHolder = saml2Response.getSamlDocumentHolder();

               boolean validSignature = this.verifySignature(samlDocumentHolder);

               if(validSignature == false)
                  throw new IssuerNotTrustedException("Signature in saml document is invalid");

               this.isTrusted(responseType.getIssuer().getValue());

               List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
               if(assertions.size() == 0)
                  throw new IllegalStateException("No assertions in reply from IDP");

               Object assertion = assertions.get(0);
               if(assertion instanceof EncryptedElementType)

   }

   protected boolean verifySignature(SAMLDocumentHolder samlDocumentHolder) throws IssuerNotTrustedException
   {
      Document samlResponse = samlDocumentHolder.getSamlDocument();
      ResponseType response = (ResponseType) samlDocumentHolder.getSamlObject();

      String issuerID = response.getIssuer().getValue();

      if(issuerID == null)
         throw new IssuerNotTrustedException("Issue missing");

      URL issuerURL;

   @Override
   protected boolean verifySignature(SAMLDocumentHolder samlDocumentHolder) throws IssuerNotTrustedException
   {
      Document samlResponse = samlDocumentHolder.getSamlDocument();
      ResponseType response = (ResponseType) samlDocumentHolder.getSamlObject();

      String issuerID = response.getIssuer().getValue();

      if(issuerID == null)
         throw new IssuerNotTrustedException("Issue missing");

      URL issuerURL;

   protected ResponseType getResponse(Request request, Principal userPrincipal)
   throws ParsingException, ConfigurationException, ProcessingException
   {
      SAML2Response saml2Response = new SAML2Response();

      ResponseType responseType =  super.getResponse(request, userPrincipal);

      //If there is a configuration to encrypt
      if(this.idpConfiguration.isEncrypt())
      {
         //Need to encrypt the assertion
         String sp = responseType.getDestination();
         if(sp == null)
            throw new IllegalStateException("Unable to handle encryption as SP url is null");
         try
         {
            URL spurl = new URL(sp);
            PublicKey publicKey = keyManager.getValidatingKey(spurl.getHost());
            EncryptionType enc = idpConfiguration.getEncryption();
            if(enc == null)
               throw new IllegalStateException("EncryptionType not configured");
            String encAlgo = enc.getEncAlgo().value();
            int keyLength = enc.getKeySize();
            //Generate a key on the fly
            SecretKey sk = keyManager.getEncryptionKey(spurl.getHost(), encAlgo, keyLength);

            StringWriter sw = new StringWriter();
            saml2Response.marshall(responseType, sw);

            Document responseDoc = DocumentUtil.getDocument(new StringReader(sw.toString()));

            String assertionNS = JBossSAMLURIConstants.ASSERTION_NSURI.get();

            QName assertionQName = new QName(assertionNS, "EncryptedAssertion", "saml");

            Element encAssertion = XMLEncryptionUtil.encryptElementInDocument(responseDoc,
                            publicKey, sk, keyLength, assertionQName, true);


            EncryptedElementType eet = saml2Response.getEncryptedAssertion(DocumentUtil.getNodeAsStream(encAssertion));
            responseType.getAssertionOrEncryptedAssertion().set(0, eet);
         }
         catch (MalformedURLException e)
         {
            throw new ParsingException(e);
         }

      }
      try
      {
         Binder<Node> binder = getBinder();
         JAXBElement<ResponseType> jaxbResponseType = (JAXBElement<ResponseType>) binder.unmarshal(samlResponseDocument);
         ResponseType responseType = jaxbResponseType.getValue();
         samlDocumentHolder = new SAMLDocumentHolder(responseType, samlResponseDocument);
         return responseType;
      }
      catch (JAXBException e)
      {

      public void handleStatusResponseType( SAML2HandlerRequest request,
            SAML2HandlerResponse response ) throws ProcessingException
      {
         HTTPContext httpContext = (HTTPContext) request.getContext();
         ResponseType responseType = (ResponseType) request.getSAML2Object();
         List<Object> assertions = responseType.getAssertionOrEncryptedAssertion();
         if(assertions.size() == 0)
            throw new IllegalStateException("No assertions in reply from IDP");

         Object assertion = assertions.get(0);
         if(assertion instanceof EncryptedElementType)

   }

   protected boolean verifySignature(SAMLDocumentHolder samlDocumentHolder) throws IssuerNotTrustedException
   {
      Document samlResponse = samlDocumentHolder.getSamlDocument();
      ResponseType response = (ResponseType) samlDocumentHolder.getSamlObject();

      String issuerID = response.getIssuer().getValue();

      if(issuerID == null)
         throw new IssuerNotTrustedException("Issue missing");

      URL issuerURL;

      Document samlResponseDocument = null;

      if(trace)
         log.trace("AssertionConsumerURL=" + assertionConsumerURL +
            "::assertion validity=" + assertionValidity);
      ResponseType responseType = null;

      SAML2Response saml2Response = new SAML2Response();

      //Create a response type
      String id = IDGenerator.create("ID_");

      IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
      issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

      IDPInfoHolder idp = new IDPInfoHolder();
      idp.setNameIDFormatValue(userPrincipal.getName());
      idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

      SPInfoHolder sp = new SPInfoHolder();
      sp.setResponseDestinationURI(assertionConsumerURL);
      responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);

      //Add information on the roles
      AssertionType assertion = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);

      AttributeStatementType attrStatement = saml2Response.createAttributeStatement(roles);
      assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStatement);

      //Add timed conditions

    */
   public Document getErrorResponse(String responseURL, String status,
         String identityURL, boolean supportSignature)
   {
      Document samlResponse = null;
      ResponseType responseType = null;

      SAML2Response saml2Response = new SAML2Response();

      //Create a response type
      String id = IDGenerator.create("ID_");

         {
            Fault fault = (Fault) response;
            return new Result(null,fault);
         }

         ResponseType responseType = (ResponseType) response;
         AssertionType at = (AssertionType) responseType.getAssertionOrEncryptedAssertion().get(0);
         XACMLAuthzDecisionStatementType xst = (XACMLAuthzDecisionStatementType) at.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0);
         ResultType rt = xst.getResponse().getResult().get(0);
         DecisionType dt = rt.getDecision();

         return new Result(dt,null);