/**
 * {@inheritDoc}
 *
 * <p>Copies a single XML attribute onto the {@link Endpoint} being unmarshalled. The
 * {@code Binding}, {@code Location} and {@code ResponseLocation} attributes are routed to their
 * dedicated setters; every other attribute is stored in the endpoint's unknown-attribute map.
 *
 * <p>Attribute values are stored exactly as they appear in the document. No URL syntax, scheme
 * or host check happens in this method, so code that later redirects or posts to
 * {@code getLocation()} / {@code getResponseLocation()} has to rely on the metadata having been
 * authenticated (for example by signature validation) before those values are trusted.
 *
 * @param samlObject the object being unmarshalled; cast to {@link Endpoint} without a type check
 * @param attribute the DOM attribute to process
 * @throws UnmarshallingException declared by the overridden method; nothing in this body throws
 *     it directly
 */
protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
    final Endpoint target = (Endpoint) samlObject;

    // Matching is on the local name only; the attribute's namespace is not inspected here.
    final String localName = attribute.getLocalName();

    if (localName.equals(Endpoint.BINDING_ATTRIB_NAME)) {
        target.setBinding(attribute.getValue());
        return;
    }
    if (localName.equals(Endpoint.LOCATION_ATTRIB_NAME)) {
        target.setLocation(attribute.getValue());
        return;
    }
    if (localName.equals(Endpoint.RESPONSE_LOCATION_ATTRIB_NAME)) {
        target.setResponseLocation(attribute.getValue());
        return;
    }

    // Anything else is kept as an extension attribute, keyed by its qualified name.
    final QName qualifiedName = XMLHelper.getNodeQName(attribute);
    if (attribute.isId()) {
        // ID-typed attributes are registered before the value is stored, as in the original order.
        target.getUnknownAttributes().registerID(qualifiedName);
    }
    target.getUnknownAttributes().put(qualifiedName, attribute.getValue());
}
/**
 * Rewrites the outgoing message context from {@code spConfiguration} and then delegates to the
 * superclass to send the message.
 *
 * <p>Before sending, this method overwrites: the local entity id (on the context and on the
 * local entity metadata), the peer endpoint location (the IdP SSO service URL), and the binding
 * and location of the default assertion consumer service.
 *
 * <p>Points a reviewer should be aware of:
 * <ul>
 *   <li>The {@code sign} argument is ignored; whether the message is signed is decided solely by
 *       {@code spConfiguration.isNeedsSigning()}.</li>
 *   <li>The destination and the ACS URL both come from {@code spConfiguration}, so anything able
 *       to change that configuration decides where requests are sent and where responses are
 *       expected. NOTE(review): confirm who can modify it at runtime.</li>
 *   <li>The metadata objects reached through {@code samlContext} are mutated in place on every
 *       call. NOTE(review): if those objects are shared between requests, concurrent sends could
 *       observe each other's values; not determinable from this method alone.</li>
 *   <li>The first role descriptor is cast to {@link SPSSODescriptor} without a type check.</li>
 * </ul>
 *
 * @param samlContext message context to update and send
 * @param sign unused, see above
 * @return whatever the superclass {@code sendMessage} returns
 * @throws RuntimeException with message "No default ACS" when no assertion consumer service is
 *     flagged as default
 */
@Override
public SAMLMessageContext sendMessage(SAMLMessageContext samlContext, boolean sign)
        throws SAMLException, MetadataProviderException, MessageEncodingException {

    // The binding is resolved from the peer endpoint before its location is overwritten below.
    Endpoint peerEndpoint = samlContext.getPeerEntityEndpoint();
    SAMLBinding resolvedBinding = getBinding(peerEndpoint);

    // Identity of this SP, applied both to the context and to its metadata.
    samlContext.setLocalEntityId(spConfiguration.getEntityId());
    samlContext.getLocalEntityMetadata().setEntityID(spConfiguration.getEntityId());

    // Where the message goes: the configured IdP single sign-on URL.
    samlContext.getPeerEntityEndpoint().setLocation(spConfiguration.getIdpSSOServiceURL());

    SPSSODescriptor spDescriptor =
            (SPSSODescriptor) samlContext.getLocalEntityMetadata().getRoleDescriptors().get(0);

    // Where the response is expected: the ACS marked as default in the local metadata.
    AssertionConsumerService defaultAcs = spDescriptor.getAssertionConsumerServices()
            .stream()
            .filter(candidate -> candidate.isDefault())
            .findAny()
            .orElseThrow(() -> new RuntimeException("No default ACS"));
    defaultAcs.setBinding(spConfiguration.getProtocolBinding());
    defaultAcs.setLocation(spConfiguration.getAssertionConsumerServiceURL());

    return super.sendMessage(samlContext, spConfiguration.isNeedsSigning(), resolvedBinding);
}
} // closes the enclosing class, whose declaration is outside this excerpt
.getBuilder(AssertionConsumerService.DEFAULT_ELEMENT_NAME); Endpoint samlEndpoint = endpointBuilder.buildObject(); samlEndpoint.setLocation(idpEndpoint); samlEndpoint.setResponseLocation(spDestination);
/**
 * Builds an {@link AuthnRequest} and sends it to the configured IdP login URL using the
 * HTTP-Redirect (DEFLATE) binding.
 *
 * <p>Review notes:
 * <ul>
 *   <li>{@code relayState} is forwarded unchanged ("/" is substituted only for {@code null}).
 *       It comes back with the SAML response, so the code that consumes it on return has to
 *       treat it as untrusted input, for example by accepting only local paths before using it
 *       as a redirect target. The SAML 2.0 bindings specification also limits RelayState to
 *       80 bytes; no length check is made here.</li>
 *   <li>The signing credential is read from {@code authnRequest.getSignature()}, which assumes
 *       {@code createAuthnRequest} always returns a signed request; a request without a
 *       signature would fail here with a {@code NullPointerException}. TODO confirm.</li>
 *   <li>The generated request id is not stored in this method. NOTE(review): verify that
 *       {@code createAuthnRequest} or the caller records it so the response's
 *       {@code InResponseTo} can be checked.</li>
 * </ul>
 *
 * @param response servlet response the redirect is written to
 * @param relayState opaque state to round-trip through the IdP; may be {@code null}
 * @throws SAMLException declared for the request-building helpers
 * @throws MessageEncodingException if the encoder cannot encode the message
 */
public void doSAMLRedirect(final HttpServletResponse response, final String relayState)
        throws SAMLException, MessageEncodingException {

    final AuthnRequest request = createAuthnRequest(SAMLUtils.generateRequestId());

    // Second constructor argument is `true`; presumably the adapter's secure-transport flag.
    final HttpServletResponseAdapter transport = new HttpServletResponseAdapter(response, true);

    // Destination: the IdP login URL taken from configuration.
    final Endpoint idpEndpoint = new SingleSignOnServiceBuilder().buildObject();
    idpEndpoint.setLocation(getIdPConfig().getLoginUrl());

    final String effectiveRelayState;
    if (relayState == null) {
        effectiveRelayState = "/";
    } else {
        effectiveRelayState = relayState;
    }

    final BasicSAMLMessageContext<SAMLObject, AuthnRequest, SAMLObject> messageContext =
            new BasicSAMLMessageContext<>();
    messageContext.setPeerEntityEndpoint(idpEndpoint);
    messageContext.setOutboundSAMLMessage(request);
    messageContext.setOutboundSAMLMessageSigningCredential(
            request.getSignature().getSigningCredential());
    messageContext.setOutboundMessageTransport(transport);
    messageContext.setRelayState(effectiveRelayState);

    new HTTPRedirectDeflateEncoder().encode(messageContext);
}
/**
 * Builds a successful SAML {@link Response} for {@code principal}, signs the contained assertion
 * and hands the message to the configured {@code encoder} for delivery to the principal's
 * assertion consumer service URL.
 *
 * <p>Review notes:
 * <ul>
 *   <li>{@code principal.getAssertionConsumerServiceURL()} is used both as the response
 *       {@code Destination} and as the delivery endpoint. No check against the service
 *       provider's registered metadata is visible in this method. NOTE(review): confirm the URL
 *       is validated upstream, since it decides where the signed assertion is delivered.</li>
 *   <li>Only the assertion is signed explicitly here. The same credential is also placed on the
 *       message context; whether the response itself gets signed depends on the encoder, which
 *       is not visible here.</li>
 *   <li>The delivery endpoint is built with {@code SingleSignOnService.DEFAULT_ELEMENT_NAME}
 *       although it carries an ACS URL; only its location is set in this method.</li>
 *   <li>{@code InResponseTo} and the relay state are echoed from the principal as-is.</li>
 * </ul>
 *
 * @param principal authenticated user plus the request data (request id, ACS URL, relay state)
 * @param response servlet response the encoded message is written to
 * @throws MarshallingException declared for the helper calls
 * @throws SignatureException declared for the helper calls
 * @throws MessageEncodingException if the encoder cannot encode the message
 */
@SuppressWarnings("unchecked")
public void sendAuthnResponse(SAMLPrincipal principal, HttpServletResponse response)
        throws MarshallingException, SignatureException, MessageEncodingException {

    Status successStatus = buildStatus(StatusCode.SUCCESS_URI);

    String idpEntityId = idpConfiguration.getEntityId();
    Credential idpCredential = resolveCredential(idpEntityId);

    // Response envelope.
    Response samlResponse = buildSAMLObject(Response.class, Response.DEFAULT_ELEMENT_NAME);
    Issuer responseIssuer = buildIssuer(idpEntityId);
    samlResponse.setIssuer(responseIssuer);
    samlResponse.setID(SAMLBuilder.randomSAMLId());
    samlResponse.setIssueInstant(new DateTime());
    samlResponse.setInResponseTo(principal.getRequestID());

    // The assertion is signed before it is attached to the response; keep this order.
    Assertion signedAssertion = buildAssertion(principal, successStatus, idpEntityId);
    signAssertion(signedAssertion, idpCredential);
    samlResponse.getAssertions().add(signedAssertion);

    samlResponse.setDestination(principal.getAssertionConsumerServiceURL());
    samlResponse.setStatus(successStatus);

    // Delivery target: the ACS URL carried by the principal.
    Endpoint acsEndpoint = buildSAMLObject(Endpoint.class, SingleSignOnService.DEFAULT_ELEMENT_NAME);
    acsEndpoint.setLocation(principal.getAssertionConsumerServiceURL());

    // Second constructor argument is `false`; presumably the adapter's secure-transport flag.
    HttpServletResponseAdapter transport = new HttpServletResponseAdapter(response, false);

    // Raw type kept as in the original; this is what the @SuppressWarnings above covers.
    BasicSAMLMessageContext outboundContext = new BasicSAMLMessageContext();
    outboundContext.setOutboundMessageTransport(transport);
    outboundContext.setPeerEntityEndpoint(acsEndpoint);
    outboundContext.setOutboundSAMLMessage(samlResponse);
    outboundContext.setOutboundSAMLMessageSigningCredential(idpCredential);
    outboundContext.setOutboundMessageIssuer(idpEntityId);
    outboundContext.setRelayState(principal.getRelayState());

    encoder.encode(outboundContext);
}