Examples of org.picketlink.identity.federation.saml.v2.protocol.AuthnRequestType

• org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType
  3.org/2001/XMLSchema}boolean" /> <attribute name="IsPassive" type="{http://www.w3.org/2001/XMLSchema}boolean" /> <attribute name="ProtocolBinding" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> <attribute name="AssertionConsumerServiceIndex" type="{http://www.w3.org/2001/XMLSchema}unsignedShort" /> <attribute name="AssertionConsumerServiceURL" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> <attribute name="AttributeConsumingServiceIndex" type="{http://www.w3.org/2001/XMLSchema}unsignedShort" /> <attribute name="ProviderName" type="{http://www.w3.org/2001/XMLSchema}string" /> </extension> </complexContent> </complexType>

            String nameIDFormat = (String) handlerConfig.getParameter(GeneralConstants.NAMEID_FORMAT);
            if (StringUtil.isNotNull(nameIDFormat)) {
                samlRequest.setNameIDFormat(nameIDFormat);
            }
            try {
                AuthnRequestType authn = samlRequest.createAuthnRequestType(id, assertionConsumerURL,
                        response.getDestination(), issuerValue);

                createRequestAuthnContext(authn);

                String bindingType = getSPConfiguration().getBindingType();
                boolean isIdpUsesPostBinding = getSPConfiguration().isIdpUsesPostBinding();

                if (bindingType != null) {
                    if (bindingType.equals("POST") || isIdpUsesPostBinding) {
                        authn.setProtocolBinding(URI.create(JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get()));
                    } else if (bindingType.equals("REDIRECT")) {
                        authn.setProtocolBinding(URI.create(JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.get()));
                    } else {
                        throw logger.samlInvalidProtocolBinding();
                    }
                }

            // We need to send request to IDP
            if (userPrincipal == null) {
                String relayState = null;
                try {
                    // TODO: use the handlers to generate the request
                    AuthnRequestType authnRequest = createSAMLRequest(serviceURL, identityURL);
                    sendRequestToIDP(authnRequest, relayState, response);
                } catch (Exception e) {
                    throw new ServletException(e);
                }
                return;

        issuerNameID.setValue(IDENTITY_PROVIDER_URL);

        SAML2Request samlRequest = new SAML2Request();

        AuthnRequestType authnRequestType = samlRequest.createAuthnRequestType("AuthnRequest_FAKE_ID",
                SERVICE_PROVIDER_URL, SERVICE_PROVIDER_URL,
                SERVICE_PROVIDER_URL);

        DefaultSAML2HandlerRequest handlerAuthnRequest = new DefaultSAML2HandlerRequest(new HTTPContext(
                new MockHttpServletRequest(new MockHttpSession(), "POST"), new MockHttpServletResponse(), servletContext),

        public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException {
            HTTPContext httpContext = (HTTPContext) request.getContext();
            ServletContext servletContext = httpContext.getServletContext();

            AuthnRequestType art = (AuthnRequestType) request.getSAML2Object();
            if (art == null)
                throw logger.samlHandlerAuthnRequestIsNull();

            String destination = art.getAssertionConsumerServiceURL().toASCIIString();

            logger.trace("Destination = " + destination);

            response.setDestination(destination);

        }

        @SuppressWarnings("unchecked")
        public Document getResponse(SAML2HandlerRequest request) throws ConfigurationException, ProcessingException {
            HTTPContext httpContext = (HTTPContext) request.getContext();
            AuthnRequestType art = (AuthnRequestType) request.getSAML2Object();
            HttpSession session = BaseSAML2Handler.getHttpSession(request);
            Principal userPrincipal = (Principal) session.getAttribute(GeneralConstants.PRINCIPAL_ID);
            if (userPrincipal == null)
                userPrincipal = httpContext.getRequest().getUserPrincipal();

            String assertionConsumerURL = art.getAssertionConsumerServiceURL().toASCIIString();
            List<String> roles = (List<String>) session.getAttribute(GeneralConstants.ROLES_ID);
            String identityURL = request.getIssuer().getValue();
            Map<String, Object> attribs = (Map<String, Object>) request.getOptions().get(GeneralConstants.ATTRIBUTES);
            String requestID = art.getID();

            Document samlResponseDocument = null;

            String authMethod = (String) request.getOptions().get(GeneralConstants.LOGIN_TYPE);

            logger.trace("AssertionConsumerURL=" + assertionConsumerURL);

            ResponseType responseType = null;

            SAML2Response saml2Response = new SAML2Response();

            // Create a response type
            String id = IDGenerator.create("ID_");

            IssuerInfoHolder issuerHolder = new IssuerInfoHolder(identityURL);
            issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

            IDPInfoHolder idp = new IDPInfoHolder();
            idp.setNameIDFormatValue(userPrincipal.getName());
            idp.setNameIDFormat(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get());

            String assertionID = (String) session.getAttribute(GeneralConstants.ASSERTION_ID);

            if (assertionID != null) {
                // Just renew the assertion
                AssertionType latestAssertion = (AssertionType) session.getAttribute(GeneralConstants.ASSERTION);
                if (latestAssertion != null)
                    idp.setAssertion(latestAssertion);
            }

            SPInfoHolder sp = new SPInfoHolder();
            sp.setResponseDestinationURI(assertionConsumerURL);
            sp.setRequestID(requestID);
            sp.setIssuer(art.getIssuer().getValue());
            responseType = saml2Response.createResponseType(id, sp, idp, issuerHolder);

            // Add information on the roles
            AssertionType assertion = responseType.getAssertions().get(0).getAssertion();

     * @throws Exception
     */
    public void testSigUseCase() throws Exception {
        SAML2Request samlRequest = new SAML2Request();

        AuthnRequestType authnRequest = samlRequest.createAuthnRequestType(IDGenerator.create("ID_"), "http://sp",
                "http://idp", "http://sp");

        KeyPair kp = KeyStoreUtil.generateKeyPair("RSA");

        PrivateKey signingKey = kp.getPrivate();

     * Test the encoding/decoding of a SAML2 AuthnRequest
     *
     * @throws Exception
     */
    public void testRegularRedirectBindingUseCaseWithStringWriter() throws Exception {
        AuthnRequestType authnRequest = (new SAML2Request()).createAuthnRequestType(IDGenerator.create("ID_"), "http://sp",
                "http://idp", "http://sp");

        StringWriter sw = new StringWriter();
        SAML2Request saml2Request = new SAML2Request();
        saml2Request.marshall(authnRequest, sw);

     * Test the encoding/decoding of a SAML2 AuthnRequest (Use of ByteArrayOutputStream)
     *
     * @throws Exception
     */
    public void testRegularRedirectBindingUseCaseWithByteArray() throws Exception {
        AuthnRequestType authnRequest = (new SAML2Request()).createAuthnRequestType(IDGenerator.create("ID_"), "http://sp",
                "http://idp", "http://sp");

        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        SAML2Request saml2Request = new SAML2Request();
        saml2Request.marshall(authnRequest, baos);

        String request = RedirectBindingUtil.deflateBase64URLEncode(baos.toByteArray());

        InputStream is = RedirectBindingUtil.urlBase64DeflateDecode(request);

        AuthnRequestType parsed = saml2Request.getAuthnRequestType(is);
        assertNotNull("Parsed request is not null", parsed);
    }

                // Get the SAML Request Message
                AuthnRequestType authn = (AuthnRequestType) samlObject;
                return loginRequest(relayState, authn, client);
            } else if (samlObject instanceof LogoutRequestType) {
                event.event(EventType.LOGOUT);
                LogoutRequestType logout = (LogoutRequestType) samlObject;
                return logoutRequest(logout, client);

            } else {
                event.event(EventType.LOGIN);
                event.error(Errors.INVALID_TOKEN);

        if (encrypt) encryptDocument(document);
        return document;
    }

    private LogoutRequestType createLogoutRequest() throws ConfigurationException {
        LogoutRequestType lort = new SAML2Request().createLogoutRequest(responseIssuer);

        NameIDType nameID = new NameIDType();
        nameID.setValue(userPrincipal);
        //Deal with NameID Format
        String nameIDFormat = JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get();
        nameID.setFormat(URI.create(nameIDFormat));
        lort.setNameID(nameID);

        long assertionValidity = PicketLinkCoreSTS.instance().getConfiguration().getIssuedTokenTimeout();

        lort.setNotOnOrAfter(XMLTimeUtil.add(lort.getIssueInstant(), assertionValidity));
        lort.setDestination(URI.create(destination));
        return lort;
    }