private Assertion getValidatedAssertion(Response response, String endpointUri) { final Status status = response.getStatus(); final String statusCode = status.getStatusCode().getValue(); if (!StatusCode.SUCCESS.equals(statusCode)) {
/** * Returns true if the identity provider cannot authenticate the principal passively, as requested, else false. * * @param response the SAML 2.0 Response to be evaluated * @return true if the identity provider cannot authenticate the principal passively, as requested, else false */ private boolean isNoPassive(Response response) { return (response.getStatus() != null) && (response.getStatus().getStatusCode() != null) && (response.getStatus().getStatusCode().getValue().equals(StatusCode.RESPONDER)) && (response.getStatus().getStatusCode().getStatusCode() != null) && (response.getStatus().getStatusCode().getStatusCode().getValue().equals(StatusCode.NO_PASSIVE)); }
) throws WSSecurityException { if (samlResponse.getStatus() == null || samlResponse.getStatus().getStatusCode() == null) { LOG.fine("Either the SAML Response Status or StatusCode is null"); throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity"); if (!SAML2_STATUSCODE_SUCCESS.equals(samlResponse.getStatus().getStatusCode().getValue())) { LOG.fine( "SAML Status code of " + samlResponse.getStatus().getStatusCode().getValue() + "does not equal " + SAML2_STATUSCODE_SUCCESS );
.setIssuer(getIssuer(parsed.getIssuer())) .setVersion(parsed.getVersion().toString()) .setStatus(getStatus(parsed.getStatus())) .setAssertions( parsed.getAssertions().stream().map(a -> resolveAssertion(a, verificationKeys, localKeys))
private Assertion getValidatedAssertion(Response response, String endpointUri) { final Status status = response.getStatus(); final String statusCode = status.getStatusCode().getValue(); if (!StatusCode.SUCCESS.equals(statusCode)) {
final SignatureTrustEngine engine) { validateSuccess(response.getStatus());