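// The metadata object must exist before any role lookup is attempted.
assertThat(metadata).isNotNull();
final SPSSODescriptor sp = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
// Fail with a readable assertion instead of a NullPointerException when the
// SAML 2.0 SP role is absent from the metadata.
assertThat(sp).isNotNull();
// Both signing flags are verified: the SP declares that it signs its AuthnRequests
// and that it wants the assertions it receives to be signed.
// NOTE(review): these are declarations in the metadata only; they do not show that
// signatures are actually produced or verified at runtime - cover that separately.
assertThat(sp.isAuthnRequestsSigned()).isTrue();
assertThat(sp.getWantAssertionsSigned()).isTrue();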
/**
 * Resolves the SP SSO role descriptor of an entity, preferring SAML 2.0.
 *
 * <p>The lookup is attempted for the SAML 2.0 protocol first, then SAML 1.1, then SAML 1.0;
 * the first non-null result wins. Because of this fallback the returned descriptor is not
 * guaranteed to be a SAML 2.0 role, so callers that must only accept SAML 2.0 should not
 * rely on this method alone to enforce that.
 *
 * @param entityDescriptor the entity descriptor to search
 * @return the first SP SSO descriptor found, or {@code null} if none of the three lookups
 *         returns one
 */
public static SPSSODescriptor getSPSsoDescriptor(final EntityDescriptor entityDescriptor) {
    LOGGER.trace("Locating SP SSO descriptor for SAML2 protocol...");
    SPSSODescriptor resolved = entityDescriptor.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
    if (resolved == null) {
        // No SAML 2.0 role: fall back to the older protocol namespaces, newest first.
        LOGGER.trace("Locating SP SSO descriptor for SAML11 protocol...");
        resolved = entityDescriptor.getSPSSODescriptor(SAMLConstants.SAML11P_NS);
        if (resolved == null) {
            LOGGER.trace("Locating SP SSO descriptor for SAML1 protocol...");
            resolved = entityDescriptor.getSPSSODescriptor(SAMLConstants.SAML10P_NS);
        }
    }
    LOGGER.trace("SP SSO descriptor resolved to be [{}]", resolved);
    return resolved;
}
/**
 * Reports whether the {@link EntityDescriptor} declares an assertion consumer service
 * that uses the {@link MetadataServiceRegistry#PROXY_BINDING} binding.
 *
 * <p>NOTE(review): the decision rests entirely on what the entity's metadata declares;
 * confirm the metadata comes from a trusted, validated source before it reaches this check.
 *
 * @param entity the entity whose SP role is inspected
 * @return {@code true} if an ACS with the proxy binding is present; {@code false} if the
 *         entity has no SP role for the configured protocol or no such ACS
 */
private boolean isAuthorizedToProxy(@Nonnull final EntityDescriptor entity) {
    final SPSSODescriptor spRole = entity.getSPSSODescriptor(AbstractProtocolConfiguration.PROTOCOL_URI);
    if (spRole == null) {
        // No SP role for this protocol means nothing can authorize proxying.
        return false;
    }
    for (final AssertionConsumerService consumer : spRole.getAssertionConsumerServices()) {
        if (!PROXY_BINDING.equals(consumer.getBinding())) {
            continue;
        }
        return true;
    }
    return false;
}
/**
 * Reports whether the {@link EntityDescriptor} declares the expected single logout endpoint.
 *
 * <p>An endpoint counts only when both its binding equals {@code LOGOUT_BINDING} and its
 * location equals {@code LOGOUT_LOCATION}; a match on one of the two is not enough.
 *
 * @param entity the entity whose SP role is inspected
 * @return {@code true} if a matching SLO endpoint is present; {@code false} if the entity
 *         has no SP role for the configured protocol or no endpoint matches
 */
private boolean hasSingleLogoutService(@Nonnull final EntityDescriptor entity) {
    final SPSSODescriptor spRole = entity.getSPSSODescriptor(AbstractProtocolConfiguration.PROTOCOL_URI);
    if (spRole == null) {
        return false;
    }
    for (final Endpoint candidate : spRole.getEndpoints(SingleLogoutService.DEFAULT_ELEMENT_NAME)) {
        // Skip anything that is not the exact binding/location pair; the location is
        // only read once the binding has matched.
        if (!LOGOUT_BINDING.equals(candidate.getBinding())
                || !LOGOUT_LOCATION.equals(candidate.getLocation())) {
            continue;
        }
        return true;
    }
    return false;
}
/**
 * Wraps the SAML 2.0 SP SSO descriptor of an entity in a metadata facade.
 *
 * <p>The result is empty when the entity has no SAML 2.0 SP role, or when that role's
 * {@code validUntil} is set and already in the past.
 *
 * <p>NOTE(review): only the role descriptor's {@code validUntil} is examined in this method;
 * validity of the enclosing entity descriptor is not checked here - confirm the metadata
 * resolver enforces it before this point.
 *
 * @param entityID the entity id, used in the log messages
 * @param chainingMetadataResolver the resolver handed to the facade
 * @param entityDescriptor the entity descriptor to read the SP role from
 * @return the facade, or {@link Optional#empty()} if the role is missing or expired
 */
private static Optional<SamlRegisteredServiceServiceProviderMetadataFacade> getServiceProviderSsoDescriptor(final String entityID,
                                                                                                            final MetadataResolver chainingMetadataResolver,
                                                                                                            final EntityDescriptor entityDescriptor) {
    val spRole = entityDescriptor.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
    if (spRole == null) {
        LOGGER.warn("Could not locate SP SSODescriptor in the metadata for [{}]", entityID);
        return Optional.empty();
    }

    val validUntil = spRole.getValidUntil();
    LOGGER.debug("Located SP SSODescriptor in metadata for [{}]. Metadata is valid until [{}]",
        entityID, ObjectUtils.defaultIfNull(validUntil, "forever"));

    // A missing validUntil is treated as "never expires"; an elapsed one rejects the role.
    val expired = validUntil != null && validUntil.isBeforeNow();
    if (expired) {
        LOGGER.warn("SP SSODescriptor in the metadata has expired at [{}]", validUntil);
        return Optional.empty();
    }
    return Optional.of(new SamlRegisteredServiceServiceProviderMetadataFacade(spRole, entityDescriptor, chainingMetadataResolver));
}
val spssoDescriptor = entityDescriptor.getSPSSODescriptor(SAMLConstants.SAML20P_NS); val acsEndpoints = spssoDescriptor.getAssertionConsumerServices(); if (acsEndpoints.isEmpty()) {