import org.opensaml.common.binding.decoding.SAMLMessageDecoder;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml1.binding.SAML1ArtifactMessageContext;
+import org.opensaml.saml1.binding.artifact.AbstractSAML1Artifact;
import org.opensaml.saml1.core.Assertion;
-import org.opensaml.saml1.core.AssertionArtifact;
import org.opensaml.saml1.core.NameIdentifier;
import org.opensaml.saml1.core.Request;
import org.opensaml.saml1.core.Response;
// Set as much information as can be retrieved from the decoded message
try {
Request samlRequest = requestContext.getInboundSAMLMessage();
- if (samlRequest.getAssertionArtifacts() != null) {
- ArrayList<String> artifacts = new ArrayList<String>();
- for (AssertionArtifact artifact : samlRequest.getAssertionArtifacts()) {
- artifacts.add(artifact.getAssertionArtifact());
- }
- requestContext.setArtifacts(artifacts);
- }
requestContext.setInboundSAMLMessageId(samlRequest.getID());
requestContext.setInboundSAMLMessageIssueInstant(samlRequest.getIssueInstant());
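Review bot: The removed block was the only place in view that populated `requestContext.setArtifacts(...)`, and nothing in this hunk replaces it; unless another hunk now turns the inbound `AssertionArtifact` values into `AbstractSAML1Artifact` objects and stores them on the context, `getArtifacts()` stays null and dereferencing silently produces an empty assertion list rather than an error. The same applies to the SAML 2 hunk that removes `requestContext.setArtifact(artResolve.getArtifact().getArtifact());` with no replacement shown, where a null artifact would later fail on `getArtifactBytes()`. If the parsing now happens in a decoder or elsewhere, a one-line comment at the removal site would save the next reader the search, e.g. `// artifacts are parsed into AbstractSAML1Artifact by the decoder (TODO: name it)`. The enclosing try block continues outside the hunk.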
BasicEndpointSelector endpointSelector = new BasicEndpointSelector();
endpointSelector.setEndpointType(AssertionConsumerService.DEFAULT_ELEMENT_NAME);
endpointSelector.setMetadataProvider(getMetadataProvider());
- endpointSelector.setRelyingParty(requestContext.getPeerEntityMetadata());
- endpointSelector.setRelyingPartyRole(requestContext.getPeerEntityRoleMetadata());
+ endpointSelector.setEntityMetadata(requestContext.getPeerEntityMetadata());
+ endpointSelector.setEntityRoleMetadata(requestContext.getPeerEntityRoleMetadata());
endpointSelector.setSamlRequest(requestContext.getInboundSAMLMessage());
endpointSelector.getSupportedIssuerBindings().addAll(getSupportedOutboundBindings());
return endpointSelector.selectEndpoint();
* @param requestContext current request context
*/
protected void derferenceArtifacts(ArtifactResolutionRequestContext requestContext) {
- Collection<String> artifacts = requestContext.getArtifacts();
+ Collection<AbstractSAML1Artifact> artifacts = requestContext.getArtifacts();
if (artifacts != null) {
ArrayList<Assertion> assertions = new ArrayList<Assertion>();
SAMLArtifactMapEntry artifactEntry;
- for (String artifact : artifacts) {
- artifactEntry = artifactMap.peek(artifact.getBytes());
+ for (AbstractSAML1Artifact artifact : artifacts) {
+ artifactEntry = artifactMap.peek(artifact.getArtifactBytes());
if (artifactEntry == null || artifactEntry.isExpired()) {
log.error("Unknown artifact.");
}
+ artifactEntry.getRelyingPartyId() + " but was resolve request came from "
+ requestContext.getPeerEntityId());
}
- artifactMap.get(artifact.getBytes());
+ artifactMap.get(artifact.getArtifactBytes());
assertions.add((Assertion) artifactEntry.getSamlMessage());
}
requestContext.setReferencedAssertions(assertions);
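Review bot: The unknown/expired-artifact branch at the top of the loop only logs; if nothing in the elided lines between it and the relying-party check ends the iteration, a null `artifactEntry` reaches `artifactEntry.getRelyingPartyId()` and `artifactEntry.getSamlMessage()` and the request fails with a NullPointerException instead of a clean denial. At minimum add `continue;` after `log.error("Unknown artifact.");` (better, record a failure and stop, as the SAML 2 handler's failure-status path intends), and do the same for the expired and relying-party-mismatch cases; the same pattern is in the SAML 2 hunk ending at `requestContext.setReferencedMessage(referencedMessage);`, where `artifactEntry.getSamlMessage()` still follows the failure-status branch. The return value of `artifactMap.get(artifact.getArtifactBytes())` is discarded — if the call is there to consume the artifact so it cannot be resolved twice, say so, e.g. `// consume the map entry so the artifact is single-use`; if not, the call can go. The mismatch message also reads oddly and could be `" but resolve request came from "`. The method's body runs past the end of the hunk.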
SAML1ArtifactMessageContext<Request, Response, NameIdentifier> {
/** Artifact to be resolved. */
- private Collection<String> artifacts;
+ private Collection<AbstractSAML1Artifact> artifacts;
/** Message referenced by the SAML artifact. */
private Collection<Assertion> referencedAssertions;
*
* @return artifacts to be resolved
*/
- public Collection<String> getArtifacts() {
+ public Collection<AbstractSAML1Artifact> getArtifacts() {
return artifacts;
}
*
* @param artifacts artifacts to be resolved
*/
- public void setArtifacts(Collection<String> artifacts) {
+ public void setArtifacts(Collection<AbstractSAML1Artifact> artifacts) {
this.artifacts = artifacts;
}
BasicEndpointSelector endpointSelector = new BasicEndpointSelector();
endpointSelector.setEndpointType(AssertionConsumerService.DEFAULT_ELEMENT_NAME);
endpointSelector.setMetadataProvider(getMetadataProvider());
- endpointSelector.setRelyingParty(requestContext.getPeerEntityMetadata());
- endpointSelector.setRelyingPartyRole(requestContext.getPeerEntityRoleMetadata());
+ endpointSelector.setEntityMetadata(requestContext.getPeerEntityMetadata());
+ endpointSelector.setEntityRoleMetadata(requestContext.getPeerEntityRoleMetadata());
endpointSelector.setSamlRequest(requestContext.getInboundSAMLMessage());
endpointSelector.getSupportedIssuerBindings().addAll(getSupportedOutboundBindings());
* @return endpoint corresponding to the SP-provdided ACS URL
*/
protected Endpoint selectEndpointByACS() {
- List<Endpoint> endpoints = getRelyingPartyRole().getEndpoints();
+ List<Endpoint> endpoints = getEntityRoleMetadata().getEndpoints();
if (endpoints != null) {
for (Endpoint endpoint : endpoints) {
if (endpoint.getLocation().equalsIgnoreCase(spAssertionConsumerService)
endpointSelector.setSpAssertionConsumerService(loginContext.getSpAssertionConsumerService());
endpointSelector.setEndpointType(AssertionConsumerService.DEFAULT_ELEMENT_NAME);
endpointSelector.setMetadataProvider(getMetadataProvider());
- endpointSelector.setRelyingParty(requestContext.getPeerEntityMetadata());
- endpointSelector.setRelyingPartyRole(requestContext.getPeerEntityRoleMetadata());
+ endpointSelector.setEntityMetadata(requestContext.getPeerEntityMetadata());
+ endpointSelector.setEntityRoleMetadata(requestContext.getPeerEntityRoleMetadata());
endpointSelector.setSamlRequest(requestContext.getInboundSAMLMessage());
endpointSelector.getSupportedIssuerBindings().addAll(getSupportedOutboundBindings());
import org.apache.log4j.Logger;
import org.joda.time.DateTime;
+import org.opensaml.Configuration;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.SAMLObjectBuilder;
import org.opensaml.common.binding.BasicEndpointSelector;
import org.opensaml.common.binding.decoding.SAMLMessageDecoder;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.binding.SAML2ArtifactMessageContext;
+import org.opensaml.saml2.binding.artifact.AbstractSAML2Artifact;
+import org.opensaml.saml2.binding.artifact.SAML2ArtifactBuilderFactory;
import org.opensaml.saml2.core.ArtifactResolve;
import org.opensaml.saml2.core.ArtifactResponse;
import org.opensaml.saml2.core.NameID;
import org.opensaml.ws.security.SecurityPolicyException;
import org.opensaml.ws.transport.http.HTTPInTransport;
import org.opensaml.ws.transport.http.HTTPOutTransport;
+import org.opensaml.xml.util.Base64;
import edu.internet2.middleware.shibboleth.common.profile.ProfileException;
import edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyConfiguration;
checkSamlVersion(requestContext);
- SAMLArtifactMapEntry artifactEntry = artifactMap.peek(requestContext.getArtifact().getBytes());
+ SAMLArtifactMapEntry artifactEntry = artifactMap.peek(requestContext.getArtifact().getArtifactBytes());
if (artifactEntry == null || artifactEntry.isExpired()) {
log.error("Unknown artifact.");
requestContext.setFailureStatus(buildStatus(StatusCode.SUCCESS_URI, StatusCode.REQUEST_DENIED_URI,
requestContext.setFailureStatus(buildStatus(StatusCode.SUCCESS_URI, StatusCode.REQUEST_DENIED_URI,
"Artifact requester mismatch."));
}
- artifactMap.get(requestContext.getArtifact().getBytes());
+ artifactMap.get(requestContext.getArtifact().getArtifactBytes());
SAMLObject referencedMessage = artifactEntry.getSamlMessage();
requestContext.setReferencedMessage(referencedMessage);
// Set as much information as can be retrieved from the decoded message
try {
ArtifactResolve artResolve = requestContext.getInboundSAMLMessage();
- requestContext.setArtifact(artResolve.getArtifact().getArtifact());
requestContext.setInboundSAMLMessageId(artResolve.getID());
requestContext.setInboundSAMLMessageIssueInstant(artResolve.getIssueInstant());
BasicEndpointSelector endpointSelector = new BasicEndpointSelector();
endpointSelector.setEndpointType(AssertionConsumerService.DEFAULT_ELEMENT_NAME);
endpointSelector.setMetadataProvider(getMetadataProvider());
- endpointSelector.setRelyingParty(requestContext.getPeerEntityMetadata());
- endpointSelector.setRelyingPartyRole(requestContext.getPeerEntityRoleMetadata());
+ endpointSelector.setEntityMetadata(requestContext.getPeerEntityMetadata());
+ endpointSelector.setEntityRoleMetadata(requestContext.getPeerEntityRoleMetadata());
endpointSelector.setSamlRequest(requestContext.getInboundSAMLMessage());
endpointSelector.getSupportedIssuerBindings().addAll(getSupportedOutboundBindings());
return endpointSelector.selectEndpoint();
implements SAML2ArtifactMessageContext<ArtifactResolve, ArtifactResponse, NameID> {
/** Artifact to be resolved. */
- private String artifact;
+ private AbstractSAML2Artifact artifact;
/** Message referenced by the SAML artifact. */
private SAMLObject referencedMessage;
*
* @return artifact to be resolved
*/
- public String getArtifact() {
+ public AbstractSAML2Artifact getArtifact() {
return artifact;
}
*
* @param artifact artifact to be resolved
*/
- public void setArtifact(String artifact) {
+ public void setArtifact(AbstractSAML2Artifact artifact) {
this.artifact = artifact;
}
AuthnResponseEndpointSelector endpointSelector = new AuthnResponseEndpointSelector();
endpointSelector.setEndpointType(AssertionConsumerService.DEFAULT_ELEMENT_NAME);
endpointSelector.setMetadataProvider(getMetadataProvider());
- endpointSelector.setRelyingParty(requestContext.getPeerEntityMetadata());
- endpointSelector.setRelyingPartyRole(requestContext.getPeerEntityRoleMetadata());
+ endpointSelector.setEntityMetadata(requestContext.getPeerEntityMetadata());
+ endpointSelector.setEntityRoleMetadata(requestContext.getPeerEntityRoleMetadata());
endpointSelector.setSamlRequest(requestContext.getInboundSAMLMessage());
endpointSelector.getSupportedIssuerBindings().addAll(getSupportedOutboundBindings());
return endpointSelector.selectEndpoint();