Examples of SAMLSSOServiceProviderDO

• org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO

Examples of org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO

                    SAMLSSORespDTO errorResp = buildErrorResponse(authnReqDTO.getId(), SAMLSSOConstants.StatusCodes.AUTHN_FAILURE,
                            "Authentication Failure, invalid username or password.");
                    errorResp.setLoginPageURL(authnReqDTO.getLoginPageURL());
                    return errorResp;
                }
                SAMLSSOServiceProviderDO spDO = new SAMLSSOServiceProviderDO();
                spDO.setIssuer(authnReqDTO.getIssuer());
                spDO.setAssertionConsumerUrl(authnReqDTO.getAssertionConsumerURL());
                spDO.setCertAlias(authnReqDTO.getCertAlias());
                spDO.setLogoutURL(authnReqDTO.getLogoutURL());
                sessionPersistenceManager.persistSession(sessionId, authnReqDTO.getUsername(),
                                                         spDO, authnReqDTO.getRpSessionId());
            }

            if (isAuthencated && authMode.equals(SAMLSSOConstants.AuthnModes.USERNAME_PASSWORD)) {
                SessionInfoData sessionInfo = sessionPersistenceManager.getSessionInfo(sessionId);
                authnReqDTO.setUsername(sessionInfo.getSubject());
                sessionPersistenceManager.persistSession(sessionId, authnReqDTO.getIssuer(),
                        authnReqDTO.getAssertionConsumerURL(), authnReqDTO.getRpSessionId());
            }

            if(isAuthencated && authMode.equals(SAMLSSOConstants.AuthnModes.OPENID)){
                SAMLSSOServiceProviderDO spDO = new SAMLSSOServiceProviderDO();
                spDO.setIssuer(authnReqDTO.getIssuer());
                spDO.setAssertionConsumerUrl(authnReqDTO.getAssertionConsumerURL());
                spDO.setCertAlias(authnReqDTO.getCertAlias());
                spDO.setLogoutURL(authnReqDTO.getLogoutURL());
                sessionPersistenceManager.persistSession(sessionId, authnReqDTO.getUsername(),
                                                         spDO, authnReqDTO.getRpSessionId());
            }

            //Build the response for the successful scenario

Examples of org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO

        try {
            if (sessionId != null) {
                if (sessionMap.containsKey(sessionId)) {
                    SessionInfoData sessionInfoData = sessionMap.get(sessionId);
                    String subject = sessionInfoData.getSubject();
                    SAMLSSOServiceProviderDO spDO = SSOServiceProviderConfigManager.getInstance().getServiceProvider(issuer);
                    if (spDO == null) {
                        IdentityPersistenceManager identityPersistenceManager = IdentityPersistenceManager
                                .getPersistanceManager();
                        spDO = identityPersistenceManager.getServiceProvider(
                                AnonymousSessionUtil.getSystemRegistryByUserName(SAMLSSOUtil.getRegistryService(),
                                        SAMLSSOUtil.getRealmService(), subject), issuer);
                    }
                    //give priority to assertion consuming URL if specified in the request
                    if (assertionConsumerURL != null) {
                        spDO.setAssertionConsumerUrl(assertionConsumerURL);
                    }
                    sessionInfoData.addServiceProvider(spDO.getIssuer(), spDO, rpSessionId);
                    return true;
                } else {
                    log.error("Error persisting the new session, there is no previously established session for this " +
                            "user");
                    return false;

Examples of org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO

    private boolean validateIssuer(SAMLSSOAuthnReqDTO authReqDTO) throws IdentityException {

        try {
            SSOServiceProviderConfigManager spConfigManager = SSOServiceProviderConfigManager.getInstance();
            SAMLSSOServiceProviderDO spDO = spConfigManager.getServiceProvider(authReqDTO.getIssuer());
            if (spDO == null) {
                IdentityPersistenceManager persistenceManager = IdentityPersistenceManager.getPersistanceManager();
                spDO = persistenceManager.getServiceProvider(
                        AnonymousSessionUtil.getSystemRegistryByUserName(SAMLSSOUtil.getRegistryService(),
                                SAMLSSOUtil.getRealmService(), authReqDTO.getUsername()), authReqDTO.getIssuer());
            }

            //Invalid issuer
            if (spDO == null) {
                return false;
            }

            //give more priority to the Assrtn Consumer URL if specified in the Auth. Req
            if (authReqDTO.getAssertionConsumerURL() == null) {
                authReqDTO.setAssertionConsumerURL(spDO.getAssertionConsumerUrl());
            }

            authReqDTO.setLoginPageURL(spDO.getLoginPageURL());
            authReqDTO.setCertAlias(spDO.getCertAlias());
            authReqDTO.setUseFullyQualifiedUsernameAsSubject(spDO.isUseFullyQualifiedUsername());
            authReqDTO.setDoSingleLogout(spDO.isDoSingleLogout());
            authReqDTO.setLogoutURL(spDO.getLogoutURL());
            authReqDTO.setDoSignAssertions(spDO.isDoSignAssertions());
            return true;

        } catch (Exception e) {
            log.error("Error validating the issuer", e);
            throw new IdentityException("Error validating the issuer", e);

Examples of org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO

     * @return true if successful, false otherwise
     * @throws IdentityException    if fails to load the identity persistence manager
     */
    public boolean addRelyingPartyServiceProvider(SAMLSSOServiceProviderDTO serviceProviderDTO) throws IdentityException {

        SAMLSSOServiceProviderDO serviceProviderDO = new SAMLSSOServiceProviderDO();
        serviceProviderDO.setIssuer(serviceProviderDTO.getIssuer());
        serviceProviderDO.setAssertionConsumerUrl(serviceProviderDTO.getAssertionConsumerUrl());
        serviceProviderDO.setCertAlias(serviceProviderDTO.getCertAlias());
        serviceProviderDO.setUseFullyQualifiedUsername(serviceProviderDTO.isUseFullyQualifiedUsername());
        serviceProviderDO.setDoSingleLogout(serviceProviderDTO.isDoSingleLogout());
        serviceProviderDO.setLogoutURL(serviceProviderDTO.getLogoutURL());
        serviceProviderDO.setDoSignAssertions(serviceProviderDTO.isDoSignAssertions());

        IdentityPersistenceManager persistenceManager = IdentityPersistenceManager
                .getPersistanceManager();
        try {
            return persistenceManager.addServiceProvider(registry, serviceProviderDO);

Examples of org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO

                    getServiceProviders(registry);
            serviceProviders = new SAMLSSOServiceProviderDTO[providersSet.length];

            for (int i = 0; i < providersSet.length; i++) {

                SAMLSSOServiceProviderDO providerDO = providersSet[i];

                SAMLSSOServiceProviderDTO providerDTO = new SAMLSSOServiceProviderDTO();
                providerDTO.setIssuer(providerDO.getIssuer());
                providerDTO.setAssertionConsumerUrl(providerDO.getAssertionConsumerUrl());
                providerDTO.setCertAlias(providerDO.getCertAlias());

                serviceProviders[i] = providerDTO;
            }
        } catch (IdentityException e) {
            log.error("Error obtaining a registry intance for reading service provider list", e);

Examples of org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO

                return validationResponse;
            }

            // set the custom login page URL, if available
            SSOServiceProviderConfigManager spConfigManager = SSOServiceProviderConfigManager.getInstance();
            SAMLSSOServiceProviderDO spDO = spConfigManager.getServiceProvider(issuer.getValue());
            if(spDO != null){
                validationResponse.setLoginPageURL(spDO.getLoginPageURL());
            }

            //TODO : Validate the NameID Format
            if (subject != null) {
                if (subject.getNameID() != null) {

Examples of org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO

                        message);
            }
            subject = sessionInfoData.getSubject();
            String issuer = logoutRequest.getIssuer().getValue();
            Map<String, SAMLSSOServiceProviderDO> sessionsList = sessionInfoData.getServiceProviderList();
            SAMLSSOServiceProviderDO logoutReqIssuer = sessionsList.get(issuer);

            // validate the signature, if it is set.
            if(logoutReqIssuer.getCertAlias() != null){
                boolean isSignatureValid = SAMLSSOUtil.validateAssertionSignature(logoutRequest, logoutReqIssuer.getCertAlias(),
                                                       MultitenantUtils.getTenantDomain(subject));
                if (!isSignatureValid) {
                    String message = "The signature contained in the Assertion is not valid.";
                    log.error(message);
                    return buildErrorResponse(logoutRequest.getID(), SAMLSSOConstants.StatusCodes.REQUESTOR_ERROR,

Examples of org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO

    public SAMLSSOServiceProviderDAO(Registry registry) {
        this.registry = registry;
    }

    protected SAMLSSOServiceProviderDO resourceToObject(Resource resource) {
        SAMLSSOServiceProviderDO serviceProviderDO = new SAMLSSOServiceProviderDO();
        serviceProviderDO.setIssuer(resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_ISSUER));
        serviceProviderDO.setAssertionConsumerUrl(resource.getProperty(IdentityRegistryResources
                .PROP_SAML_SSO_ASSERTION_CONS_URL));
        serviceProviderDO.setCertAlias(resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_ISSUER_CERT_ALIAS));

        if (resource.getProperty(
                IdentityRegistryResources.PROP_SAML_SSO_USE_FULLY_QUALIFIED_USERNAME_AS_SUBJECT) != null) {
            serviceProviderDO.setUseFullyQualifiedUsername(new Boolean(resource.getProperty(
                    IdentityRegistryResources.PROP_SAML_SSO_USE_FULLY_QUALIFIED_USERNAME_AS_SUBJECT).trim()));
        }

        if (resource.getProperty(
                IdentityRegistryResources.PROP_SAML_SSO_DO_SINGLE_LOGOUT) != null) {
            serviceProviderDO.setDoSingleLogout(new Boolean(resource.getProperty(
                    IdentityRegistryResources.PROP_SAML_SSO_DO_SINGLE_LOGOUT).trim()));
        }

        serviceProviderDO.setLogoutURL(resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_LOGOUT_URL));

        if (resource.getProperty(
                IdentityRegistryResources.PROP_SAML_SSO_DO_SIGN_ASSERTIONS) != null) {
            serviceProviderDO.setDoSignAssertions(new Boolean(resource.getProperty(
                    IdentityRegistryResources.PROP_SAML_SSO_DO_SIGN_ASSERTIONS).trim()));
        }

        return serviceProviderDO;
    }

Examples of org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO

     * @return
     * @throws IdentityException
     */
    public SAMLSSOServiceProviderDO getServiceProvider(String issuer) throws IdentityException {

        SAMLSSOServiceProviderDO serviceProviderDO = null;
        String path = IdentityRegistryResources.SAML_SSO_SERVICE_PROVIDERS + encodePath(issuer);

        try {
            if (registry.resourceExists(path)) {
                serviceProviderDO = resourceToObject(registry.get(path));