* This builds the response for this SAML request.
*
* @param responseContext <code>ProfileResponseContext</code>
- * @param issuer <code>String</code>
- * @param destination <code>String</code>
* @return <code>Response</code>
* @throws EncryptionException if an error occurs attempting to encrypt data
*/
- protected Response buildResponse(ProfileResponseContext responseContext, String issuer, String destination)
- throws EncryptionException {
+ protected Response buildResponse(ProfileResponseContext responseContext) throws EncryptionException {
AttributeQueryConfiguration config = getAttributeQueryConfiguration(responseContext.getProviderId());
/*
Response response = responseBuilder.buildObject();
response.setVersion(SAML_VERSION);
response.setID(getIdGenerator().generateIdentifier());
- response.setInResponseTo(issuer);
+ response.setInResponseTo(responseContext.getIssuer());
response.setIssueInstant(responseContext.getIssueInstant());
- response.setDestination(destination);
+ response.setDestination(responseContext.getDestination());
- response.setIssuer(buildIssuer(responseContext.getProviderId()));
+ response.setIssuer(buildIssuer(responseContext));
/*
* Will be hard coded in the future: if (consent != null) { response.setConsent(consent); }
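Review bot: `response.setInResponseTo(responseContext.getIssuer())` still writes the requester's issuer into InResponseTo, which in SAML 2.0 must carry the ID of the request being answered. A relying party that checks InResponseTo against its outstanding request IDs will reject the response, and one that does not check loses the request/response binding. The commit only changes where the value is read from. Since the context already holds the query, the line could read `response.setInResponseTo(responseContext.getMessage().getID());`. buildResponse continues outside this hunk.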
assertion.setID(getIdGenerator().generateIdentifier());
assertion.setIssueInstant(responseContext.getIssueInstant());
assertion.setVersion(SAML_VERSION);
- assertion.setIssuer(buildIssuer(responseContext.getProviderId()));
+ assertion.setIssuer(buildIssuer(responseContext));
// build subject
- assertion.setSubject(buildSubject(responseContext.getMessage().getSubject(), config.getEncryptNameID()));
+ assertion.setSubject(buildSubject(responseContext, config.getEncryptNameID()));
// build conditions
assertion.setConditions(buildConditions(responseContext));
// build advice
/**
* This builds the issuer response for this SAML request.
*
- * @param providerId <code>String</code>
+ * @param responseContext <code>ProfileResponseContext</code>
* @return <code>Issuer</code>
*/
- private Issuer buildIssuer(String providerId) {
- RelyingPartyConfiguration relyingPartyConfiguration = getRelyingPartyConfiguration(providerId);
+ private Issuer buildIssuer(ProfileResponseContext responseContext) {
+ RelyingPartyConfiguration relyingPartyConfiguration = getRelyingPartyConfiguration(responseContext
+ .getProviderId());
Issuer issuer = issuerBuilder.buildObject();
issuer.setValue(relyingPartyConfiguration.getProviderId());
return issuer;
/**
* This builds the subject for this SAML request.
*
- * @param messageSubject <code>Subject</code>
+ * @param responseContext <code>ProfileResponseContext</code>
* @param encryptNameId <code>boolean</code>
* @return <code>Subject</code>
* @throws EncryptionException if encryption of the name id fails
*/
- private Subject buildSubject(Subject messageSubject, boolean encryptNameId) throws EncryptionException {
+ private Subject buildSubject(ProfileResponseContext responseContext, boolean encryptNameId)
+ throws EncryptionException {
Subject subject = subjectBuilder.buildObject();
if (encryptNameId) {
// TODO load encryption parameters
Encrypter encrypter = null;
- subject.setEncryptedID(encrypter.encrypt(messageSubject.getNameID()));
+ subject.setEncryptedID(encrypter.encrypt(responseContext.getMessage().getSubject().getNameID()));
} else {
- subject.setNameID(messageSubject.getNameID());
+ subject.setNameID(responseContext.getMessage().getSubject().getNameID());
// TODO when is subject.setBaseID(newBaseID) called, if ever?
}
return subject;
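Review bot: When `config.getEncryptNameID()` is true, `encrypter` is still `null` at `encrypter.encrypt(...)`, so the request fails with a NullPointerException instead of the EncryptionException that the caller catches and converts to a ProfileException. Failing rather than sending a clear-text NameID is the right outcome, but it should be explicit until the TODO is resolved, e.g. `if (encrypter == null) { throw new EncryptionException("NameID encryption requested but no encrypter is configured"); }`. The new chain `responseContext.getMessage().getSubject().getNameID()` also dereferences the subject without a null check in both branches; whether the decoder guarantees a subject is not visible here.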
Response samlResponse = null;
try {
ProfileResponseContext profileResponse = new ProfileResponseContext(request, message);
+ profileResponse.setIssuer(decoder.getSecurityPolicy().getIssuer().toString());
+ profileResponse.setDestination(request.getRawRequest().getRemoteHost());
profileResponse.setAttributeStatement(statement);
- samlResponse = buildResponse(profileResponse, decoder.getSecurityPolicy().getIssuer().toString(), request
- .getRawRequest().getRemoteHost());
+ samlResponse = buildResponse(profileResponse);
} catch (EncryptionException e) {
log.error("Error encrypting SAML response", e);
throw new ProfileException("Error encrypting SAML response", e);
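Review bot: `profileResponse.setDestination(request.getRawRequest().getRemoteHost())` stores the connecting client's host name or address, which buildResponse then writes into the response's Destination attribute; SAML defines Destination as the URI of the endpoint the message is sent to, and recipients compare it with their own endpoint URL. The value also comes from the network connection (possibly via a reverse DNS lookup) rather than from the authenticated requester's metadata. Taking the destination from the relying party's configured endpoint, or leaving it unset, would be safer. On the line above, `decoder.getSecurityPolicy().getIssuer().toString()` throws if the policy established no issuer; a null check that raises ProfileException would give a clean rejection. The enclosing method begins and ends outside this hunk.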
package edu.internet2.middleware.shibboleth.idp.profile.saml2;
import org.joda.time.DateTime;
-import org.opensaml.saml2.core.SubjectQuery;
import org.opensaml.saml2.core.AttributeStatement;
+import org.opensaml.saml2.core.SubjectQuery;
import edu.internet2.middleware.shibboleth.common.profile.ProfileRequest;
/** Profile request message. */
private SubjectQuery message;
+ /** Response issuer. */
+ private String issuer;
+
+ /** Response destination. */
+ private String destination;
+
/** Provider id to retrieve relying party configuration. */
private String providerId;
-
+
/** Issue instant for the response. */
private DateTime issueInstant;
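Review bot: The Javadoc `/** Response issuer. */` on the new `issuer` field is misleading: the only visible caller fills it from `decoder.getSecurityPolicy().getIssuer()`, which is the issuer of the inbound request, while the response's own Issuer element is built from the relying party configuration in `buildIssuer`. Suggest `/** Issuer of the inbound request, as established by the security policy. */`, with matching wording on `setIssuer` and `getIssuer`, so the requester's identity and the responder's identity are not confused by later callers. The class declaration lies outside this hunk.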
public String getProviderId() {
return providerId;
}
-
+
/**
* Gets the issue instant for the response.
*
}
/**
+ * Sets an issuer associated with this response.
+ *
+ * @param i to set
+ */
+ public void setIssuer(String i) {
+ issuer = i;
+ }
+
+ /**
+ * Gets the issuer associated with this response.
+ *
+ * @return issuer
+ */
+ public String getIssuer() {
+ return issuer;
+ }
+
+ /**
+ * Sets a destination associated with this response.
+ *
+ * @param d to set
+ */
+ public void setDestination(String d) {
+ destination = d;
+ }
+
+ /**
+ * Gets the destination associated with this response.
+ *
+ * @return destination
+ */
+ public String getDestination() {
+ return destination;
+ }
+
+ /**
* Sets a attribute statement associated with this response.
*
* @param s to sets