/**
 * Resolve the SAML entity ID from the issuer values of the assertions enclosed in a SAML 1 response.
 *
 * <p>Null assertions and assertions without an issuer are skipped. Every remaining issuer must be
 * equal; if two assertions disagree, resolution is abandoned and {@code null} is returned.</p>
 *
 * <p>This method only reads values carried in the message and performs no signature or trust
 * evaluation itself, so the result is an unauthenticated claim. NOTE(review): confirm that callers
 * treat it only as a lookup key for the peer and authenticate the message separately.</p>
 *
 * @param response the response
 *
 * @return the entity ID, or null if it could not be resolved
 */
@Nullable protected String processSaml1Response(@Nonnull final org.opensaml.saml.saml1.core.Response response) {
    final List<Assertion> enclosed = response.getAssertions();
    String resolved = null;

    if (enclosed != null && !enclosed.isEmpty()) {
        log.info("Attempting to extract issuer from enclosed SAML 1.x Assertion(s)");
        for (final Assertion candidate : enclosed) {
            if (candidate == null) {
                continue;
            }
            final String claimed = candidate.getIssuer();
            if (claimed == null) {
                continue;
            }
            // A response whose assertions name different issuers is ambiguous: refuse to pick one.
            if (resolved != null && !resolved.equals(claimed)) {
                // The response ID is message-supplied; it is passed as a log parameter, not concatenated.
                log.warn("SAML 1.x assertions, within response '{}' contain different issuer IDs, "
                        + "can not dynamically resolve SAML peer entity ID", response.getID());
                return null;
            }
            resolved = claimed;
        }
    }

    if (resolved == null) {
        log.warn("Issuer could not be extracted from standard SAML 1.x response message");
    }
    return resolved;
}
/**
 * Builds an {@link Assertion} from the supplied parameters and appends it to the given {@link Response}.
 * The assertion's issue instant is copied from the {@link Response}, so both carry the same timestamp.
 *
 * <p>The {@code issuer} argument is handed to {@code buildAssertion} without being checked here.
 * NOTE(review): the {@code @NotEmpty} constraint is presumably enforced by the caller or by
 * {@code buildAssertion}; confirm, since an empty issuer would produce an assertion with no usable
 * origin.</p>
 *
 * @param action the current action
 * @param response the response to which the assertion will be added
 * @param idGenerator source of assertion ID
 * @param issuer value for assertion
 *
 * @return the assertion that was added to the response
 */
@Nonnull public static Assertion addAssertionToResponse(@Nonnull final AbstractProfileAction action,
        @Nonnull final Response response, @Nonnull final IdentifierGenerationStrategy idGenerator,
        @Nonnull @NotEmpty final String issuer) {
    final Assertion created = buildAssertion(action, idGenerator, issuer);
    created.setIssueInstant(response.getIssueInstant());

    // Explicit array keeps the call on the logger's multi-argument overload.
    final Object[] logArgs = {action.getClass().getSimpleName(), created.getID(), response.getID()};
    // Emitted just before the add below, so the message describes the step that is about to complete.
    getLogger().debug("Profile Action {}: Added Assertion {} to Response {}", logArgs);

    response.getAssertions().add(created);
    return created;
}