/** * Encrypt a {@link NameID} found in a LogoutRequest and replace it with the result. * * @param request request to operate on * * @throws EncryptionException if an error occurs */ private void processLogoutRequest(@Nonnull final LogoutRequest request) throws EncryptionException { if (shouldEncrypt(request.getNameID())) { log.debug("{} Encrypting NameID in LogoutRequest", getLogPrefix()); final EncryptedID encrypted = getEncrypter().encrypt(request.getNameID()); request.setEncryptedID(encrypted); request.setNameID(null); } }
@Override public CriteriaSet apply(final ProfileRequestContext input) { if (logoutRequest != null && logoutRequest.getIssuer() != null && logoutRequest.getNameID() != null) { return new CriteriaSet(new SPSessionCriterion(logoutRequest.getIssuer().getValue(), logoutRequest.getNameID().getValue())); } else { return new CriteriaSet(); } } };
ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_PROFILE_CTX); return false; } else if (logoutRequest.getNameID() == null) { log.warn("{} LogoutRequest did not contain NameID", getLogPrefix()); ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_MESSAGE); return false; } else if (logoutRequest.getNameID().getValue() == null) { log.warn("{} LogoutRequest contained an empty (therefore invalid) NameID", getLogPrefix()); ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_MESSAGE);
relyingParty = relyingPartyLookupStrategy.apply(profileRequestContext); if (!SAML2ObjectSupport.areNameIDsEquivalent(logoutRequest.getNameID(), saml2Session.getNameID(), assertingParty, relyingParty)) { return false; } else if (!SAML2ObjectSupport.areNameIDsEquivalent(logoutRequest.getNameID(), saml2Session.getNameID())) { return false;
protected LogoutRequest resolveLogoutRequest(org.opensaml.saml.saml2.core.LogoutRequest request, List<SimpleKey> verificationKeys, List<SimpleKey> localKeys) { LogoutRequest result = new LogoutRequest() .setId(request.getID()) .setConsent(request.getConsent()) .setVersion(request.getVersion().toString()) .setNotOnOrAfter(request.getNotOnOrAfter()) .setIssueInstant(request.getIssueInstant()) .setReason(LogoutReason.fromUrn(request.getReason())) .setIssuer(getIssuer(request.getIssuer())) .setDestination(new Endpoint().setLocation(request.getDestination())); NameID nameID = getNameID(request.getNameID(), request.getEncryptedID(), localKeys); result.setNameId(getNameIdPrincipal(nameID)); return result; }