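/**
 * Signs the root element of {@code doc} with the private half of {@code keyPair}, placing
 * the resulting {@code ds:Signature} as a child of the document element.
 *
 * @param doc the document whose root element is signed; it is modified in place
 * @param keyPair the signing key pair: the private key produces the signature, the public
 *                key is handed to {@code signImpl} (presumably for the KeyInfo block — confirm there)
 * @param digestMethod the digest algorithm URI passed through to {@code signImpl}
 * @param signatureMethod the signature algorithm URI passed through to {@code signImpl}
 * @param referenceURI the URI of the {@code ds:Reference} passed through to {@code signImpl}
 * @param x509Certificate the certificate handed to {@code signImpl}; not checked here, so
 *                        whether null is acceptable depends on {@code signImpl}
 * @return the same {@code doc} instance, now carrying the signature
 * @throws GeneralSecurityException if the underlying signing operation fails
 * @throws XMLSignatureException if the XML signature cannot be built or computed
 * @throws MarshalException if the signature cannot be marshaled into the DOM
 * @since 2.5.0
 */
public static Document sign(Document doc, KeyPair keyPair, String digestMethod, String signatureMethod,
        String referenceURI, X509Certificate x509Certificate)
        throws GeneralSecurityException, MarshalException, XMLSignatureException {
    // Serializing the whole document is expensive and the output is the complete
    // unsigned payload, so only do it when trace is actually enabled.
    if (logger.isTraceEnabled()) {
        logger.trace("Document to be signed=" + DocumentUtil.asString(doc));
    }
    PrivateKey signingKey = keyPair.getPrivate();
    PublicKey publicKey = keyPair.getPublic();
    // Two-argument DOMSignContext appends the signature as the last child of the root element.
    DOMSignContext dsc = new DOMSignContext(signingKey, doc.getDocumentElement());
    signImpl(dsc, digestMethod, signatureMethod, referenceURI, publicKey, x509Certificate);
    return doc;
}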
/**
 * <p>
 * Marshals a SAML {@code AssertionType} into a DOM {@code Element}: the assertion is
 * written through {@code SAMLAssertionWriter} into an in-memory buffer and the buffer is
 * parsed back into a document.
 * </p>
 *
 * @param assertion
 *            the SAML assertion to marshal.
 * @return the document element of the freshly parsed assertion document.
 * @throws Exception
 *             if writing the assertion or re-parsing the produced XML fails.
 */
public static Element toElement(AssertionType assertion) throws Exception {
    ByteArrayOutputStream buffer = new ByteArrayOutputStream();
    SAMLAssertionWriter assertionWriter = new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(buffer));
    assertionWriter.write(assertion);
    byte[] serialized = buffer.toByteArray();
    Document assertionDocument = DocumentUtil.getDocument(new ByteArrayInputStream(serialized));
    if (trace) {
        // The trace line contains the complete assertion, so this only runs at trace level.
        log.trace("Written Assertion=" + DocumentUtil.asString(assertionDocument));
    }
    return assertionDocument.getDocumentElement();
}
/**
 * <p>
 * Converts the given {@code AssertionType} into a DOM {@code Element} by round-tripping it
 * through the StAX-based {@code SAMLAssertionWriter} and the DOM parser in {@code DocumentUtil}.
 * </p>
 *
 * @param assertion
 *            the SAML assertion to marshal.
 * @return the root element of the parsed assertion document.
 * @throws Exception
 *             if the assertion cannot be written or the produced XML cannot be parsed.
 */
public static Element toElement(AssertionType assertion) throws Exception {
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(out)).write(assertion);
    ByteArrayInputStream in = new ByteArrayInputStream(out.toByteArray());
    Document parsed = DocumentUtil.getDocument(in);
    if (trace) {
        // Emits the full assertion text; intended for debugging only.
        log.trace("Written Assertion=" + DocumentUtil.asString(parsed));
    }
    return parsed.getDocumentElement();
}
/**
 * Handles one SOAP-carried XACML authorization-decision query: the incoming source is
 * turned into a DOM document, the XACML query is extracted and evaluated against
 * {@code pdp}, and the resulting SAML response is serialized back into a {@code DOMSource}.
 *
 * @param request the incoming message; XXE hardening depends on how {@code DocumentUtil}
 *                configures its parser, which is not visible here — verify
 * @return a {@code DOMSource} wrapping the root element of the SAML response
 * @throws RuntimeException wrapping any checked exception (or the {@code ClassCastException}
 *                          raised if the source node is not a {@code Document})
 */
public Source invoke(Source request) {
    try {
        Document requestDocument = (Document) DocumentUtil.getNodeFromSource(request);
        if (log.isDebugEnabled()) {
            log.debug("Received Message::" + DocumentUtil.asString(requestDocument));
        }
        XACMLAuthzDecisionQueryType query = SOAPSAMLXACMLUtil.getXACMLQueryType(requestDocument);
        ResponseType decisionResponse = SOAPSAMLXACMLUtil.handleXACMLQuery(pdp, issuer, query);
        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
        XMLStreamWriter streamWriter = StaxUtil.getXMLStreamWriter(buffer);
        new SAMLResponseWriter(streamWriter).write(decisionResponse);
        ByteArrayInputStream responseBytes = new ByteArrayInputStream(buffer.toByteArray());
        Document responseDocument = DocumentUtil.getDocument(responseBytes);
        return new DOMSource(responseDocument.getDocumentElement());
    } catch (Exception e) {
        // Boundary method: everything is surfaced as an unchecked exception with the cause kept.
        throw new RuntimeException(e);
    }
}
/**
 * Processes an XACML authorization-decision query delivered as a SAML/SOAP message and
 * returns the SAML response produced by the policy decision point.
 *
 * @param request the incoming message source (treated as untrusted input; the parser
 *                configuration lives in {@code DocumentUtil} and is not visible here)
 * @return a {@code DOMSource} over the root element of the serialized SAML response
 * @throws RuntimeException wrapping any failure during parsing, evaluation or serialization
 */
public Source invoke(Source request) {
    try {
        // Cast assumes getNodeFromSource yields the Document itself; a mismatch is wrapped below.
        Document incoming = (Document) DocumentUtil.getNodeFromSource(request);
        if (log.isDebugEnabled()) {
            log.debug("Received Message::" + DocumentUtil.asString(incoming));
        }
        XACMLAuthzDecisionQueryType authzQuery = SOAPSAMLXACMLUtil.getXACMLQueryType(incoming);
        ResponseType samlResponse = SOAPSAMLXACMLUtil.handleXACMLQuery(pdp, issuer, authzQuery);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        XMLStreamWriter writer = StaxUtil.getXMLStreamWriter(out);
        SAMLResponseWriter responseWriter = new SAMLResponseWriter(writer);
        responseWriter.write(samlResponse);
        Document outgoing = DocumentUtil.getDocument(new ByteArrayInputStream(out.toByteArray()));
        return new DOMSource(outgoing.getDocumentElement());
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
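/**
 * Validates the XML signature on an incoming SAML status-response document, unless the
 * {@code IGNORE_SIGNATURES} option is set.
 *
 * @param request carries the signed document plus the options {@code IGNORE_SIGNATURES}
 *                and {@code SENDER_PUBLIC_KEY}
 * @param response receives {@code SIGNATURE_INVALID} when validation fails, matching what
 *                 the request-type handler records
 * @throws ProcessingException if the signature is invalid or validation itself fails
 */
@Override
public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
        throws ProcessingException {
    Map<String, Object> requestOptions = request.getOptions();
    // IGNORE_SIGNATURES switches validation off entirely; it must only originate from
    // trusted deployment configuration, never from anything derived from the message.
    Boolean ignoreSignatures = (Boolean) requestOptions.get(GeneralConstants.IGNORE_SIGNATURES);
    if (ignoreSignatures == Boolean.TRUE) {
        return;
    }
    Document signedDocument = request.getRequestDocument();
    if (trace) {
        log.trace("Document for validation=" + DocumentUtil.asString(signedDocument));
    }
    PublicKey publicKey = (PublicKey) requestOptions.get(GeneralConstants.SENDER_PUBLIC_KEY);
    try {
        if (!this.validateSender(signedDocument, publicKey)) {
            throw constructSignatureException();
        }
    } catch (ProcessingException pe) {
        // Record the failure on the response before rethrowing, as the request-type
        // handler does, so callers see a consistent error code on both paths.
        response.setError(SAML2HandlerErrorCodes.SIGNATURE_INVALID, "Signature Validation Failed");
        throw pe;
    }
}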
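/**
 * Checks the XML signature of a SAML status response. Validation is skipped only when the
 * {@code IGNORE_SIGNATURES} option is {@code Boolean.TRUE}.
 *
 * @param request supplies the signed document and the {@code SENDER_PUBLIC_KEY} option
 * @param response gets {@code SIGNATURE_INVALID} set when validation fails, mirroring the
 *                 request-type handler
 * @throws ProcessingException if the signature does not validate or validation fails
 */
@Override
public void handleStatusResponseType(SAML2HandlerRequest request, SAML2HandlerResponse response)
        throws ProcessingException {
    Map<String, Object> options = request.getOptions();
    // A bypass switch for signature checking: safe only if it comes from trusted configuration.
    Boolean skipValidation = (Boolean) options.get(GeneralConstants.IGNORE_SIGNATURES);
    if (skipValidation == Boolean.TRUE) {
        return;
    }
    Document signedDocument = request.getRequestDocument();
    if (trace) {
        log.trace("Document for validation=" + DocumentUtil.asString(signedDocument));
    }
    PublicKey senderKey = (PublicKey) options.get(GeneralConstants.SENDER_PUBLIC_KEY);
    try {
        if (!this.validateSender(signedDocument, senderKey)) {
            throw constructSignatureException();
        }
    } catch (ProcessingException pe) {
        // Same error reporting as the request path, so the response carries the cause.
        response.setError(SAML2HandlerErrorCodes.SIGNATURE_INVALID, "Signature Validation Failed");
        throw pe;
    }
}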
/**
 * <p>
 * Marshals the given {@code AssertionType} into a DOM {@code Element} by serializing it
 * with {@code SAMLAssertionWriter} and parsing the bytes back through {@code DocumentUtil}.
 * </p>
 *
 * @param assertion the SAML assertion to marshal.
 * @return the root element of the parsed assertion document.
 * @throws Exception if serializing the assertion or parsing the result fails.
 */
public static Element toElement(AssertionType assertion) throws Exception {
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    SAMLAssertionWriter assertionWriter = new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(out));
    assertionWriter.write(assertion);
    Document parsed = DocumentUtil.getDocument(new ByteArrayInputStream(out.toByteArray()));
    if (logger.isTraceEnabled()) {
        // Logs the complete assertion; only evaluated at trace level.
        logger.samlAssertion(DocumentUtil.asString(parsed));
    }
    return parsed.getDocumentElement();
}
/**
 * Evaluates a SAML-wrapped XACML authorization-decision query against {@code pdp} and
 * returns the SAML response as a {@code DOMSource}.
 *
 * @param request the incoming message source; treated as untrusted input, with parser
 *                hardening delegated to {@code DocumentUtil}
 * @return a {@code DOMSource} over the root element of the SAML response
 * @throws RuntimeException as produced by {@code logger.xacmlPDPMessageProcessingError}
 *                          for any failure while processing the message
 */
public Source invoke(Source request) {
    try {
        Document incoming = (Document) DocumentUtil.getNodeFromSource(request);
        if (logger.isTraceEnabled()) {
            logger.trace("XACML Received Message: " + DocumentUtil.asString(incoming));
        }
        XACMLAuthzDecisionQueryType authzQuery = SOAPSAMLXACMLUtil.getXACMLQueryType(incoming);
        ResponseType decision = SOAPSAMLXACMLUtil.handleXACMLQuery(pdp, issuer, authzQuery);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        XMLStreamWriter writer = StaxUtil.getXMLStreamWriter(out);
        new SAMLResponseWriter(writer).write(decision);
        ByteArrayInputStream responseBytes = new ByteArrayInputStream(out.toByteArray());
        Document outgoing = DocumentUtil.getDocument(responseBytes);
        return new DOMSource(outgoing.getDocumentElement());
    } catch (Exception e) {
        throw logger.xacmlPDPMessageProcessingError(e);
    }
}
/**
 * Validates the XML signature on an incoming SAML request document, unless the
 * {@code IGNORE_SIGNATURES} option is set.
 *
 * @param request carries the signed document and the {@code SENDER_PUBLIC_KEY} option
 * @param response receives {@code SIGNATURE_INVALID} when validation fails
 * @throws ProcessingException if the signature is invalid or validation itself fails
 * @see SAML2Handler#handleRequestType(SAML2HandlerRequest, SAML2HandlerResponse)
 */
public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException {
    Map<String, Object> options = request.getOptions();
    // Bypass switch for signature checking; only acceptable from trusted configuration.
    Boolean skipSignatureCheck = (Boolean) options.get(GeneralConstants.IGNORE_SIGNATURES);
    if (Boolean.TRUE == skipSignatureCheck) {
        return;
    }
    Document signedDocument = request.getRequestDocument();
    if (trace) {
        log.trace("Will validate :" + DocumentUtil.asString(signedDocument));
    }
    PublicKey senderKey = (PublicKey) request.getOptions().get(GeneralConstants.SENDER_PUBLIC_KEY);
    try {
        if (!validateSender(signedDocument, senderKey)) {
            throw constructSignatureException();
        }
    } catch (ProcessingException pe) {
        // Surface the failure on the response as well as through the exception.
        response.setError(SAML2HandlerErrorCodes.SIGNATURE_INVALID, "Signature Validation Failed");
        throw pe;
    }
}
/**
 * Checks the XML signature of a SAML request. When the {@code IGNORE_SIGNATURES} option is
 * {@code Boolean.TRUE} the check is skipped entirely.
 *
 * @param request supplies the signed document and the {@code SENDER_PUBLIC_KEY} option
 * @param response gets {@code SIGNATURE_INVALID} set when validation fails
 * @throws ProcessingException if the signature does not validate or validation fails
 * @see SAML2Handler#handleRequestType(SAML2HandlerRequest, SAML2HandlerResponse)
 */
public void handleRequestType(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException {
    Map<String, Object> requestOptions = request.getOptions();
    Boolean ignore = (Boolean) requestOptions.get(GeneralConstants.IGNORE_SIGNATURES);
    if (ignore == Boolean.TRUE) {
        // Signature validation disabled by configuration.
        return;
    }
    Document toValidate = request.getRequestDocument();
    if (trace) {
        log.trace("Will validate :" + DocumentUtil.asString(toValidate));
    }
    PublicKey key = (PublicKey) request.getOptions().get(GeneralConstants.SENDER_PUBLIC_KEY);
    try {
        boolean valid = this.validateSender(toValidate, key);
        if (!valid) {
            throw constructSignatureException();
        }
    } catch (ProcessingException pe) {
        response.setError(SAML2HandlerErrorCodes.SIGNATURE_INVALID, "Signature Validation Failed");
        throw pe;
    }
}
/**
 * Reads a {@code SAML2Object} from an input stream: the stream is parsed into a DOM
 * document, schema-validated, handed to {@code SAMLParser}, and the parsed object together
 * with its document is stored in {@code samlDocumentHolder}.
 *
 * @param is the stream holding the SAML XML; must not be null
 * @return the parsed SAML2 object
 * @throws IllegalArgumentException if {@code is} is null
 * @throws ParsingException propagated from the document or SAML parsing steps
 * @throws ConfigurationException propagated from the underlying utilities
 * @throws ProcessingException propagated from the underlying utilities
 */
public SAML2Object getSAML2ObjectFromStream(InputStream is) throws ParsingException, ConfigurationException, ProcessingException {
    if (is == null) {
        throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT + "inputstream");
    }
    Document responseDocument = DocumentUtil.getDocument(is);
    if (trace) {
        log.trace("RESPONSE=" + DocumentUtil.asString(responseDocument));
    }
    SAMLParser parser = new SAMLParser();
    // Schema validation runs before the SAML parser sees the document.
    JAXPValidationUtil.checkSchemaValidation(responseDocument);
    InputStream validatedStream = DocumentUtil.getNodeAsStream(responseDocument);
    SAML2Object parsed = (SAML2Object) parser.parse(validatedStream);
    samlDocumentHolder = new SAMLDocumentHolder(parsed, responseDocument);
    return parsed;
}
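/**
 * Signs the root element of the document carried by {@code dto}, using the private half of
 * the transfer object's key pair and inserting the signature before {@code dto.getNextSibling()}.
 *
 * @param dto bundles the document to sign, the key pair, the certificate handed to
 *            {@code signImpl}, the digest and signature algorithm URIs, the reference URI
 *            and the DOM node the signature is inserted before
 * @return the same document instance from {@code dto}, now carrying the signature
 * @throws GeneralSecurityException if the underlying signing operation fails
 * @throws XMLSignatureException if the XML signature cannot be built or computed
 * @throws MarshalException if the signature cannot be marshaled into the DOM
 */
public static Document sign(SignatureUtilTransferObject dto) throws GeneralSecurityException, MarshalException, XMLSignatureException {
    Document doc = dto.getDocumentToBeSigned();
    KeyPair keyPair = dto.getKeyPair();
    Node nextSibling = dto.getNextSibling();
    String digestMethod = dto.getDigestMethod();
    String referenceURI = dto.getReferenceURI();
    String signatureMethod = dto.getSignatureMethod();
    // Serializing the document is expensive and dumps the full unsigned payload,
    // so only do it when trace is actually enabled.
    if (logger.isTraceEnabled()) {
        logger.trace("Document to be signed=" + DocumentUtil.asString(doc));
    }
    PrivateKey signingKey = keyPair.getPrivate();
    PublicKey publicKey = keyPair.getPublic();
    // Per DOMSignContext, a null nextSibling appends the signature as the root's last child.
    DOMSignContext dsc = new DOMSignContext(signingKey, doc.getDocumentElement(), nextSibling);
    signImpl(dsc, digestMethod, signatureMethod, referenceURI, publicKey, dto.getX509Certificate());
    return doc;
}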
logger.trace("Going to validate signature for: " + DocumentUtil.asString(signedDocument));
log.trace("Sending over to SP:" + DocumentUtil.asString(responseDoc));
/**
 * Reads a {@code SAML2Object} from an input stream. The XML is parsed into a DOM document,
 * schema-validated, then parsed by {@code SAMLParser}; the result and its document are
 * kept in {@code samlDocumentHolder}.
 *
 * @param is the stream holding the SAML XML; must not be null
 * @return the parsed SAML2 object
 * @throws ParsingException propagated from the document or SAML parsing steps
 * @throws ConfigurationException propagated from the underlying utilities
 * @throws ProcessingException propagated from the underlying utilities
 */
public SAML2Object getSAML2ObjectFromStream(InputStream is) throws ParsingException, ConfigurationException, ProcessingException {
    if (is == null) {
        throw logger.nullArgumentError("InputStream");
    }
    Document document = DocumentUtil.getDocument(is);
    if (logger.isTraceEnabled()) {
        // Dumps the whole response; only evaluated at trace level.
        logger.trace("SAML Response Document: " + DocumentUtil.asString(document));
    }
    SAMLParser parser = new SAMLParser();
    // Validate against the schema before handing the document to the SAML parser.
    JAXPValidationUtil.checkSchemaValidation(document);
    InputStream documentStream = DocumentUtil.getNodeAsStream(document);
    SAML2Object result = (SAML2Object) parser.parse(documentStream);
    samlDocumentHolder = new SAMLDocumentHolder(result, document);
    return result;
}
} else { if (logger.isTraceEnabled()) { logger.trace("SAML Response Document: " + DocumentUtil.asString(responseDoc));
} else { if (logger.isTraceEnabled()) { logger.trace("SAML Response Document: " + DocumentUtil.asString(responseDoc)); //$NON-NLS-1$
} else { if (logger.isTraceEnabled()) { logger.trace("SAML Response Document: " + DocumentUtil.asString(responseDoc));
} else { if (logger.isTraceEnabled()) { logger.trace("SAML Response Document: " + DocumentUtil.asString(responseDoc));