/**
 * Serializes the given document to a string on a best-effort basis.
 *
 * <p>Every exception raised by {@code getDocumentAsString} is deliberately discarded, and
 * {@code null} is returned in that case. Callers therefore have to null-check the result
 * before signing, encoding or logging it; a failure is otherwise indistinguishable from
 * "nothing to send".
 *
 * @param doc the document to serialize
 * @return the serialized document, or {@code null} when serialization threw
 */
public static String asString(Document doc) {
    try {
        return getDocumentAsString(doc);
    } catch (Exception ignored) {
        // Intentional: this helper trades the error detail for a null result.
        return null;
    }
}
/**
 * Serializes the given document to a string on a best-effort basis.
 *
 * <p>Every exception raised by {@code getDocumentAsString} is deliberately discarded, and
 * {@code null} is returned in that case. Callers therefore have to null-check the result
 * before signing, encoding or logging it; a failure is otherwise indistinguishable from
 * "nothing to send".
 *
 * @param doc the document to serialize
 * @return the serialized document, or {@code null} when serialization threw
 */
public static String asString(Document doc) {
    try {
        return getDocumentAsString(doc);
    } catch (Exception ignored) {
        // Intentional: this helper trades the error detail for a null result.
        return null;
    }
}
/**
 * Serializes the given document to a string on a best-effort basis.
 *
 * <p>Every exception raised by {@code getDocumentAsString} is deliberately discarded, and
 * {@code null} is returned in that case. Callers therefore have to null-check the result
 * before signing, encoding or logging it; a failure is otherwise indistinguishable from
 * "nothing to send".
 *
 * @param doc the document to serialize
 * @return the serialized document, or {@code null} when serialization threw
 */
public static String asString(Document doc) {
    try {
        return getDocumentAsString(doc);
    } catch (Exception ignored) {
        // Intentional: this helper trades the error detail for a null result.
        return null;
    }
}
/**
 * Signs a SAML assertion using the given security {@link KeyPair}.
 *
 * <p>The assertion text is parsed with {@code DocumentUtil.getDocument}, signed in place by
 * {@code SAML2Signature.signSAMLDocument}, and serialized again. No signature or digest
 * algorithm is selected in this method; whatever {@code SAML2Signature} uses by default
 * applies.
 *
 * <p>NOTE(review): if the assertion text can originate from an untrusted party, confirm that
 * the parser behind {@code DocumentUtil.getDocument} rejects DTDs and external entities.
 *
 * @param assertion the SAML assertion as XML text
 * @param keypair the key pair handed to the signer
 * @return the signed assertion as XML text
 * @throws RuntimeException wrapping any exception raised while parsing, signing or serializing
 */
public static String signSAMLAssertion(String assertion, KeyPair keypair) {
    try {
        Document assertionDoc = DocumentUtil.getDocument(assertion);
        SAML2Signature signer = new SAML2Signature();
        signer.signSAMLDocument(assertionDoc, keypair);
        String signedXml = DocumentUtil.getDocumentAsString(assertionDoc);
        return signedXml;
    } catch (Exception cause) {
        // The original cause is preserved so callers can still see why signing failed.
        throw new RuntimeException(cause);
    }
}
/**
 * Sends a SAML request or response document to the IDP through {@code PostBindingUtil.sendPost}.
 *
 * <p>The document is serialized and Base64-encoded exactly as received; this method applies no
 * signature. Base64 is an encoding, not a protection, so any integrity guarantee has to be
 * present in {@code samlDocument} before it is passed in. {@code destination} and
 * {@code relayState} are forwarded unchanged.
 *
 * @param destination idp url
 * @param samlDocument request or response document
 * @param relayState relay state forwarded with the message
 * @param response servlet response the POST form is written to
 * @param willSendRequest are we sending Request or Response to IDP
 * @throws ProcessingException
 * @throws ConfigurationException
 * @throws IOException
 */
protected void sendRequestToIDP(String destination, Document samlDocument, String relayState,
        HttpServletResponse response, boolean willSendRequest)
        throws ProcessingException, ConfigurationException, IOException {
    String encodedMessage = PostBindingUtil.base64Encode(DocumentUtil.getDocumentAsString(samlDocument));
    DestinationInfoHolder target = new DestinationInfoHolder(destination, encodedMessage, relayState);
    PostBindingUtil.sendPost(target, response, willSendRequest);
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Builds the redirect URL for a SAML response, including the signature and the signature
 * algorithm parameter.
 *
 * <p>The signature is computed over the already-encoded response and relay state, so the
 * receiver has to verify it over those same encoded values. The algorithm argument handed to
 * {@code getResponseRedirectURLWithSignature} is {@code signingKey.getAlgorithm()}, i.e. the
 * key's algorithm name.
 *
 * <p>NOTE(review): confirm which signature algorithm identifier and digest
 * {@code computeSignature} and {@code getResponseRedirectURLWithSignature} derive from that
 * key algorithm name; neither is visible here.
 *
 * @param responseType the SAML response to send
 * @param relayState optional relay state; left out of the encoding when
 *     {@code isNotNull(relayState)} is false
 * @param signingKey private key used to compute the signature
 * @return the signed redirect URL
 * @throws IOException
 * @throws GeneralSecurityException
 */
public static String getSAMLResponseURLWithSignature(ResponseType responseType, String relayState,
        PrivateKey signingKey) throws IOException, GeneralSecurityException {
    Document responseDoc = new SAML2Response().convert(responseType);

    // Serialize the response, then let the redirect-binding helper encode it for use in a URL.
    String serializedResponse = DocumentUtil.getDocumentAsString(responseDoc);
    String encodedResponse = RedirectBindingUtil.deflateBase64URLEncode(serializedResponse);

    // Relay state is optional; it stays null when the helper reports it as absent.
    String encodedRelayState = isNotNull(relayState) ? URLEncoder.encode(relayState, "UTF-8") : null;

    byte[] signature = computeSignature(GeneralConstants.SAML_RESPONSE_KEY, encodedResponse,
            encodedRelayState, signingKey);

    return getResponseRedirectURLWithSignature(encodedResponse, encodedRelayState, signature,
            signingKey.getAlgorithm());
}
/**
 * Builds the redirect URL for a SAML response, including the signature and the signature
 * algorithm parameter.
 *
 * <p>The signature is computed over the already-encoded response and relay state, so the
 * receiver has to verify it over those same encoded values. The algorithm argument handed to
 * {@code getResponseRedirectURLWithSignature} is {@code signingKey.getAlgorithm()}, i.e. the
 * key's algorithm name.
 *
 * <p>NOTE(review): confirm which signature algorithm identifier and digest
 * {@code computeSignature} and {@code getResponseRedirectURLWithSignature} derive from that
 * key algorithm name; neither is visible here.
 *
 * @param responseType the SAML response to send
 * @param relayState optional relay state; left out of the encoding when
 *     {@code isNotNull(relayState)} is false
 * @param signingKey private key used to compute the signature
 * @return the signed redirect URL
 * @throws IOException
 * @throws GeneralSecurityException
 */
public static String getSAMLResponseURLWithSignature(ResponseType responseType, String relayState,
        PrivateKey signingKey) throws IOException, GeneralSecurityException {
    Document responseDoc = new SAML2Response().convert(responseType);

    // Serialize the response, then let the redirect-binding helper encode it for use in a URL.
    String serializedResponse = DocumentUtil.getDocumentAsString(responseDoc);
    String encodedResponse = RedirectBindingUtil.deflateBase64URLEncode(serializedResponse);

    // Relay state is optional; it stays null when the helper reports it as absent.
    String encodedRelayState = isNotNull(relayState) ? URLEncoder.encode(relayState, "UTF-8") : null;

    byte[] signature = computeSignature(GeneralConstants.SAML_RESPONSE_KEY, encodedResponse,
            encodedRelayState, signingKey);

    return getResponseRedirectURLWithSignature(encodedResponse, encodedRelayState, signature,
            signingKey.getAlgorithm());
}
/**
 * Builds the redirect URL for a SAML response, including the signature and the signature
 * algorithm parameter.
 *
 * <p>The signature is computed over the already-encoded response and relay state, so the
 * receiver has to verify it over those same encoded values. The algorithm argument handed to
 * {@code getResponseRedirectURLWithSignature} is {@code signingKey.getAlgorithm()}, i.e. the
 * key's algorithm name.
 *
 * <p>NOTE(review): confirm which signature algorithm identifier and digest
 * {@code computeSignature} and {@code getResponseRedirectURLWithSignature} derive from that
 * key algorithm name; neither is visible here.
 *
 * @param responseType the SAML response to send
 * @param relayState optional relay state; left out of the encoding when
 *     {@code isNotNull(relayState)} is false
 * @param signingKey private key used to compute the signature
 * @return the signed redirect URL
 * @throws IOException
 * @throws GeneralSecurityException
 */
public static String getSAMLResponseURLWithSignature(ResponseType responseType, String relayState,
        PrivateKey signingKey) throws IOException, GeneralSecurityException {
    Document responseDoc = new SAML2Response().convert(responseType);

    // Serialize the response, then let the redirect-binding helper encode it for use in a URL.
    String serializedResponse = DocumentUtil.getDocumentAsString(responseDoc);
    String encodedResponse = RedirectBindingUtil.deflateBase64URLEncode(serializedResponse);

    // Relay state is optional; it stays null when the helper reports it as absent.
    String encodedRelayState = isNotNull(relayState) ? URLEncoder.encode(relayState, "UTF-8") : null;

    byte[] signature = computeSignature(GeneralConstants.SAML_RESPONSE_KEY, encodedResponse,
            encodedRelayState, signingKey);

    return getResponseRedirectURLWithSignature(encodedResponse, encodedRelayState, signature,
            signingKey.getAlgorithm());
}
/**
 * Posts a SAML document to a destination, signing it first unless signatures are ignored.
 *
 * <p>When {@code ignoreSignatures} is {@code true} the document is serialized, Base64-encoded
 * and posted without any signature being added here, so the receiver has nothing from this
 * method to verify integrity against. When it is {@code false} the document is signed in place
 * with the key pair returned by {@code keyManager.getSigningKeyPair()}.
 *
 * @param samlDocument request or response document; mutated when it is signed
 * @param relayState relay state forwarded with the message
 * @param destination URL the message is posted to, forwarded unchanged
 * @param response servlet response the POST form is written to
 * @param request flag forwarded to {@code PostBindingUtil.sendPost}
 * @throws IOException
 * @throws SAXException
 * @throws GeneralSecurityException
 */
protected void sendToDestination(Document samlDocument, String relayState, String destination,
        HttpServletResponse response, boolean request)
        throws IOException, SAXException, GeneralSecurityException {
    boolean mustSign = !ignoreSignatures;
    if (mustSign) {
        SAML2Signature signer = new SAML2Signature();
        KeyPair signingPair = keyManager.getSigningKeyPair();
        signer.signSAMLDocument(samlDocument, signingPair);
    }

    // Serialization happens after signing so the posted text contains the signature.
    String serialized = DocumentUtil.getDocumentAsString(samlDocument);
    String encodedMessage = PostBindingUtil.base64Encode(serialized);
    DestinationInfoHolder target = new DestinationInfoHolder(destination, encodedMessage, relayState);
    PostBindingUtil.sendPost(target, response, request);
}
/**
 * Posts a SAML document to a destination, signing it first unless signatures are ignored.
 *
 * <p>When {@code ignoreSignatures} is {@code true} the document is serialized, Base64-encoded
 * and posted without any signature being added here, so the receiver has nothing from this
 * method to verify integrity against. When it is {@code false} the document is signed in place
 * with the key pair returned by {@code keyManager.getSigningKeyPair()}.
 *
 * @param samlDocument request or response document; mutated when it is signed
 * @param relayState relay state forwarded with the message
 * @param destination URL the message is posted to, forwarded unchanged
 * @param response servlet response the POST form is written to
 * @param request flag forwarded to {@code PostBindingUtil.sendPost}
 * @throws IOException
 * @throws SAXException
 * @throws GeneralSecurityException
 */
protected void sendToDestination(Document samlDocument, String relayState, String destination,
        HttpServletResponse response, boolean request)
        throws IOException, SAXException, GeneralSecurityException {
    boolean mustSign = !ignoreSignatures;
    if (mustSign) {
        SAML2Signature signer = new SAML2Signature();
        KeyPair signingPair = keyManager.getSigningKeyPair();
        signer.signSAMLDocument(samlDocument, signingPair);
    }

    // Serialization happens after signing so the posted text contains the signature.
    String serialized = DocumentUtil.getDocumentAsString(samlDocument);
    String encodedMessage = PostBindingUtil.base64Encode(serialized);
    DestinationInfoHolder target = new DestinationInfoHolder(destination, encodedMessage, relayState);
    PostBindingUtil.sendPost(target, response, request);
}
/**
 * <p>Builds a logout request for the current principal and returns a request wrapper that
 * exposes it as the SAML request parameter, to start a global logout from the IdP.</p>
 *
 * <p>The logout request is created locally from {@code userPrincipal.getName()} and is not
 * signed in this method. Only {@code getParameter} is overridden on the returned wrapper:
 * {@code getParameterMap}, {@code getParameterValues} and {@code getParameterNames} still
 * reflect the original request, so downstream code sees the injected value only when it reads
 * {@code SAML_REQUEST_KEY} through {@code getParameter}.</p>
 *
 * @param request the incoming request to wrap
 * @param userPrincipal principal whose name becomes the NameID of the logout request
 * @return a wrapper around {@code request} carrying the encoded logout request
 * @throws RuntimeException wrapping any exception raised while building the logout request
 */
private HttpServletRequestWrapper prepareLocalGlobalLogoutRequest(HttpServletRequest request,
        Principal userPrincipal) {
    try {
        SAML2Request requestFactory = new SAML2Request();
        LogoutRequestType logoutRequest = requestFactory.createLogoutRequest(getIdentityURL());

        NameIDType subject = new NameIDType();
        subject.setValue(userPrincipal.getName());
        subject.setFormat(URI.create(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()));
        logoutRequest.setNameID(subject);
        logoutRequest.setDestination(URI.create(getIdentityURL()));

        String logoutXml = DocumentUtil.getDocumentAsString(requestFactory.convert(logoutRequest));
        final String encodedLogoutRequest = RedirectBindingUtil.deflateBase64Encode(logoutXml.getBytes("UTF-8"));

        return new HttpServletRequestWrapper(request) {
            @Override
            public String getParameter(String name) {
                // Every other parameter is answered by the wrapped request.
                return SAML_REQUEST_KEY.equals(name) ? encodedLogoutRequest : super.getParameter(name);
            }
        };
    } catch (Exception cause) {
        throw new RuntimeException("Could not perform IdP Initiated Single Logout.", cause);
    }
}
/**
 * <p>Builds a logout request for the current principal and returns a request wrapper that
 * exposes it as the SAML request parameter, to start a global logout from the IdP.</p>
 *
 * <p>The logout request is created locally from {@code userPrincipal.getName()} and is not
 * signed in this method. Only {@code getParameter} is overridden on the returned wrapper:
 * {@code getParameterMap}, {@code getParameterValues} and {@code getParameterNames} still
 * reflect the original request, so downstream code sees the injected value only when it reads
 * {@code SAML_REQUEST_KEY} through {@code getParameter}.</p>
 *
 * @param request the incoming request to wrap
 * @param userPrincipal principal whose name becomes the NameID of the logout request
 * @return a wrapper around {@code request} carrying the encoded logout request
 * @throws RuntimeException wrapping any exception raised while building the logout request
 */
private HttpServletRequestWrapper prepareLocalGlobalLogoutRequest(HttpServletRequest request,
        Principal userPrincipal) {
    try {
        SAML2Request requestFactory = new SAML2Request();
        LogoutRequestType logoutRequest = requestFactory.createLogoutRequest(getIdentityURL());

        NameIDType subject = new NameIDType();
        subject.setValue(userPrincipal.getName());
        subject.setFormat(URI.create(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()));
        logoutRequest.setNameID(subject);
        logoutRequest.setDestination(URI.create(getIdentityURL()));

        String logoutXml = DocumentUtil.getDocumentAsString(requestFactory.convert(logoutRequest));
        final String encodedLogoutRequest = RedirectBindingUtil.deflateBase64Encode(logoutXml.getBytes("UTF-8"));

        return new HttpServletRequestWrapper(request) {
            @Override
            public String getParameter(String name) {
                // Every other parameter is answered by the wrapped request.
                return SAML_REQUEST_KEY.equals(name) ? encodedLogoutRequest : super.getParameter(name);
            }
        };
    } catch (Exception cause) {
        throw new RuntimeException("Could not perform IdP Initiated Single Logout.", cause);
    }
}
/**
 * <p>Builds a logout request for the current principal and stores it on the session, to start
 * a global logout from the IdP.</p>
 *
 * <p>The logout request is created locally from {@code userPrincipal.getName()} and is not
 * signed in this method. The encoded request is kept as a session note under
 * {@code SAML_REQUEST_KEY}; the request object itself is only used to reach its internal
 * session.</p>
 *
 * @param request request whose internal session receives the note
 * @param userPrincipal principal whose name becomes the NameID of the logout request
 * @throws RuntimeException wrapping any exception raised while building or storing the request
 */
private void prepareLocalGlobalLogoutRequest(Request request, Principal userPrincipal) {
    try {
        SAML2Request requestFactory = new SAML2Request();
        LogoutRequestType logoutRequest = requestFactory.createLogoutRequest(getIdentityURL());

        NameIDType subject = new NameIDType();
        subject.setValue(userPrincipal.getName());
        subject.setFormat(URI.create(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()));
        logoutRequest.setNameID(subject);
        logoutRequest.setDestination(URI.create(getIdentityURL()));

        String logoutXml = DocumentUtil.getDocumentAsString(requestFactory.convert(logoutRequest));
        String encodedLogoutRequest = RedirectBindingUtil.deflateBase64Encode(logoutXml.getBytes("UTF-8"));

        // Stored as a session note so that later processing can pick the request up from there.
        request.getSessionInternal().setNote(SAML_REQUEST_KEY, encodedLogoutRequest);
    } catch (Exception cause) {
        throw new RuntimeException("Could not perform IdP Initiated Single Logout.", cause);
    }
}
/**
 * <p>Builds a logout request for the current principal and stores it on the session, to start
 * a global logout from the IdP.</p>
 *
 * <p>The logout request is created locally from {@code userPrincipal.getName()} and is not
 * signed in this method. The encoded request is kept as a session note under
 * {@code SAML_REQUEST_KEY}; the request object itself is only used to reach its internal
 * session.</p>
 *
 * @param request request whose internal session receives the note
 * @param userPrincipal principal whose name becomes the NameID of the logout request
 * @throws RuntimeException wrapping any exception raised while building or storing the request
 */
private void prepareLocalGlobalLogoutRequest(Request request, Principal userPrincipal) {
    try {
        SAML2Request requestFactory = new SAML2Request();
        LogoutRequestType logoutRequest = requestFactory.createLogoutRequest(getIdentityURL());

        NameIDType subject = new NameIDType();
        subject.setValue(userPrincipal.getName());
        subject.setFormat(URI.create(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()));
        logoutRequest.setNameID(subject);
        logoutRequest.setDestination(URI.create(getIdentityURL()));

        String logoutXml = DocumentUtil.getDocumentAsString(requestFactory.convert(logoutRequest));
        String encodedLogoutRequest = RedirectBindingUtil.deflateBase64Encode(logoutXml.getBytes("UTF-8"));

        // Stored as a session note so that later processing can pick the request up from there.
        request.getSessionInternal().setNote(SAML_REQUEST_KEY, encodedLogoutRequest);
    } catch (Exception cause) {
        throw new RuntimeException("Could not perform IdP Initiated Single Logout.", cause);
    }
}
/**
 * <p>Builds a logout request for the current principal and stores it on the session, to start
 * a global logout from the IdP.</p>
 *
 * <p>The logout request is created locally from {@code userPrincipal.getName()} and is not
 * signed in this method. The encoded request is kept as a session note under
 * {@code SAML_REQUEST_KEY}; the request object itself is only used to reach its internal
 * session.</p>
 *
 * @param request request whose internal session receives the note
 * @param userPrincipal principal whose name becomes the NameID of the logout request
 * @throws RuntimeException wrapping any exception raised while building or storing the request
 */
private void prepareLocalGlobalLogoutRequest(Request request, Principal userPrincipal) {
    try {
        SAML2Request requestFactory = new SAML2Request();
        LogoutRequestType logoutRequest = requestFactory.createLogoutRequest(getIdentityURL());

        NameIDType subject = new NameIDType();
        subject.setValue(userPrincipal.getName());
        subject.setFormat(URI.create(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get()));
        logoutRequest.setNameID(subject);
        logoutRequest.setDestination(URI.create(getIdentityURL()));

        String logoutXml = DocumentUtil.getDocumentAsString(requestFactory.convert(logoutRequest));
        String encodedLogoutRequest = RedirectBindingUtil.deflateBase64Encode(logoutXml.getBytes("UTF-8"));

        // Stored as a session note so that later processing can pick the request up from there.
        request.getSessionInternal().setNote(SAML_REQUEST_KEY, encodedLogoutRequest);
    } catch (Exception cause) {
        throw new RuntimeException("Could not perform IdP Initiated Single Logout.", cause);
    }
}
/**
 * Posts a SAML document to a destination, signing it first unless signatures are ignored.
 *
 * <p>Before signing, the signer is told where to place the signature: the node returned by
 * {@code getNextSiblingOfIssuer} is passed to {@code setNextSibling} when it is not
 * {@code null}. When {@code ignoreSignatures} is {@code true} none of this runs and the
 * document is posted without a signature being added here.
 *
 * @param samlDocument request or response document; mutated when it is signed
 * @param relayState relay state forwarded with the message
 * @param destination URL the message is posted to, forwarded unchanged
 * @param response servlet response the POST form is written to
 * @param request flag forwarded to {@code PostBindingUtil.sendPost}
 * @throws IOException
 * @throws SAXException
 * @throws GeneralSecurityException
 */
protected void sendToDestination(Document samlDocument, String relayState, String destination,
        HttpServletResponse response, boolean request)
        throws IOException, SAXException, GeneralSecurityException {
    boolean mustSign = !ignoreSignatures;
    if (mustSign) {
        SAML2Signature signer = new SAML2Signature();

        Node afterIssuer = signer.getNextSiblingOfIssuer(samlDocument);
        if (afterIssuer != null) {
            signer.setNextSibling(afterIssuer);
        }

        KeyPair signingPair = keyManager.getSigningKeyPair();
        signer.signSAMLDocument(samlDocument, signingPair);
    }

    // Serialization happens after signing so the posted text contains the signature.
    String serialized = DocumentUtil.getDocumentAsString(samlDocument);
    String encodedMessage = PostBindingUtil.base64Encode(serialized);
    DestinationInfoHolder target = new DestinationInfoHolder(destination, encodedMessage, relayState);
    PostBindingUtil.sendPost(target, response, request);
}
/**
 * Sends a SAML request or response document to the IDP through {@code PostBindingUtil.sendPost}.
 *
 * <p>The document is signed in place with {@code keyManager.getSigningKeyPair()} only when
 * {@code supportSignatures} is set; otherwise it is serialized, Base64-encoded and posted
 * without a signature being added here. {@code destination} and {@code relayState} are
 * forwarded unchanged.
 *
 * @param destination idp url
 * @param samlDocument request or response document; mutated when it is signed
 * @param relayState relay state forwarded with the message
 * @param response servlet response the POST form is written to
 * @param willSendRequest are we sending Request or Response to IDP
 * @throws ProcessingException
 * @throws ConfigurationException
 * @throws IOException
 */
protected void sendRequestToIDP(String destination, Document samlDocument, String relayState,
        HttpServletResponse response, boolean willSendRequest)
        throws ProcessingException, ConfigurationException, IOException {
    if (this.supportSignatures) {
        SAML2Signature signer = new SAML2Signature();
        signer.signSAMLDocument(samlDocument, keyManager.getSigningKeyPair());
    }

    // Serialization happens after signing so the posted text contains the signature.
    String encodedMessage = PostBindingUtil.base64Encode(DocumentUtil.getDocumentAsString(samlDocument));
    DestinationInfoHolder target = new DestinationInfoHolder(destination, encodedMessage, relayState);
    PostBindingUtil.sendPost(target, response, willSendRequest);
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Sends a SAML request or response document to the IDP through {@code PostBindingUtil.sendPost}.
 *
 * <p>The document is signed in place with {@code keyManager.getSigningKeyPair()} only when
 * {@code supportSignatures} is set; otherwise it is serialized, Base64-encoded and posted
 * without a signature being added here. {@code destination} and {@code relayState} are
 * forwarded unchanged.
 *
 * @param destination idp url
 * @param samlDocument request or response document; mutated when it is signed
 * @param relayState relay state forwarded with the message
 * @param response servlet response the POST form is written to
 * @param willSendRequest are we sending Request or Response to IDP
 * @throws ProcessingException
 * @throws ConfigurationException
 * @throws IOException
 */
protected void sendRequestToIDP(String destination, Document samlDocument, String relayState,
        HttpServletResponse response, boolean willSendRequest)
        throws ProcessingException, ConfigurationException, IOException {
    if (this.supportSignatures) {
        SAML2Signature signer = new SAML2Signature();
        signer.signSAMLDocument(samlDocument, keyManager.getSigningKeyPair());
    }

    // Serialization happens after signing so the posted text contains the signature.
    String encodedMessage = PostBindingUtil.base64Encode(DocumentUtil.getDocumentAsString(samlDocument));
    DestinationInfoHolder target = new DestinationInfoHolder(destination, encodedMessage, relayState);
    PostBindingUtil.sendPost(target, response, willSendRequest);
}
} // closes the enclosing type, whose header is outside this excerpt
throws ProcessingException { try { String samlMessage = DocumentUtil.getDocumentAsString(samlDocument); String base64Request = RedirectBindingUtil.deflateBase64URLEncode(samlMessage.getBytes("UTF-8")); PrivateKey signingKey = keypair.getPrivate();
// Serializes responseDoc and takes the UTF-8 bytes of the resulting text. The excerpt shows the
// same declaration twice; inside one scope the second would not compile, so these are
// presumably two separate occurrences of the statement.
byte[] responseBytes = DocumentUtil.getDocumentAsString(responseDoc).getBytes("UTF-8"); byte[] responseBytes = DocumentUtil.getDocumentAsString(responseDoc).getBytes("UTF-8");