/**
 * Copy constructor: builds a new instance carrying the same ID, issue instant and
 * remaining status-response fields as {@code srt}.
 *
 * <p>Every field is assigned whatever the matching getter on {@code srt} returns; no
 * copying is done in this constructor.
 *
 * @param srt instance to copy from; dereferenced without a null check
 */
public StatusResponseType(StatusResponseType srt) {
    this(srt.getID(), srt.getIssueInstant());

    // Message identity and routing.
    issuer = srt.getIssuer();
    inResponseTo = srt.getInResponseTo();
    destination = srt.getDestination();
    consent = srt.getConsent();

    // Outcome and attached payload.
    status = srt.getStatus();
    extensions = srt.getExtensions();
    // NOTE(review): if getSignature()/getExtensions() hand back the underlying objects,
    // the copy shares them with srt, so a later change to one shows up in both. Confirm
    // against the getters before treating the copy as independent of the original.
    signature = srt.getSignature();
}
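// Builds a response whose status records whether the work in the try block succeeded:
// 1 on the normal path, 0 when an Exception was caught.
ResponseType response = new ResponseType();
try {
    // set some properties of the response object.
    response.setStatus(1);
} catch (Exception e) {
    // Some other properties of the response object according to the exception.
    response.setStatus(0);
}
// Return after the try/catch rather than from a finally block. A return inside finally
// discards any pending Throwable (an Error, or an exception raised by the catch block
// itself), so the caller would receive a normal-looking response and the failure would
// leave no trace.
return response;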
/**
 * Tells whether a SAML response carries the top-level success status code.
 *
 * <p>Any missing link in the chain response, status, status code, value counts as
 * "not successful", so an incomplete response is never treated as a success.
 *
 * @param responseType response to inspect; may be {@code null}
 * @return {@code true} only when the status code value, as a string, equals
 *         {@code JBossSAMLURIConstants.STATUS_SUCCESS.get()}
 */
private boolean isSuccessfulSamlResponse(ResponseType responseType) {
    if (responseType == null || responseType.getStatus() == null) {
        return false;
    }
    if (responseType.getStatus().getStatusCode() == null) {
        return false;
    }
    if (responseType.getStatus().getStatusCode().getValue() == null) {
        return false;
    }

    final String actual = responseType.getStatus().getStatusCode().getValue().toString();
    return Objects.equals(actual, JBossSAMLURIConstants.STATUS_SUCCESS.get());
}
if (! destinationValidator.validate(requestUri, statusResponse.getDestination())) { log.error("Request URI '" + requestUri + "' does not match SAML request destination '" + statusResponse.getDestination() + "'"); return AuthOutcome.FAILED; StatusType status = statusResponse.getStatus(); if(checkStatusCodeValue(status.getStatusCode(), JBossSAMLURIConstants.STATUS_RESPONDER.get()) && checkStatusCodeValue(status.getStatusCode().getStatusCode(), JBossSAMLURIConstants.STATUS_NO_PASSIVE.get())){ log.debug("Not authenticated due passive mode Status found in SAML response: " + status.toString()); return AuthOutcome.NOT_AUTHENTICATED;
/**
 * Renders the error as {@code SamlAuthenticationError [reason=..., status=...]}.
 *
 * <p>The status part is {@code UNKNOWN} when no status response, or no status inside it,
 * is available; otherwise it is what {@code extractStatusCode} returns for the status code.
 */
@Override
public String toString() {
    final String statusText;
    if (status == null || status.getStatus() == null) {
        statusText = "UNKNOWN";
    } else {
        // The status code is taken from the received response, so the rendered text is
        // peer-supplied. NOTE(review): confirm the places that log this string treat it so.
        statusText = extractStatusCode(status.getStatus().getStatusCode());
    }
    return "SamlAuthenticationError [reason=" + reason + ", status=" + statusText + "]";
}
/**
 * Looks up the message signing key ID carried in a SAML document's extensions.
 *
 * <p>Only requests ({@code RequestAbstractType}) and status responses
 * ({@code StatusResponseType}) are inspected. The first DOM element among the extensions
 * for which {@code KeycloakKeySamlExtensionGenerator.getMessageSigningKeyIdFromElement}
 * returns a non-null value wins.
 *
 * @param doc parsed SAML object
 * @return the key ID, or {@code null} when the document is of another type, has no
 *         extensions, or no extension element yields a key ID
 */
private String getMessageSigningKeyId(SAML2Object doc) {
    ExtensionsType extensions = null;
    if (doc instanceof RequestAbstractType) {
        extensions = ((RequestAbstractType) doc).getExtensions();
    } else if (doc instanceof StatusResponseType) {
        extensions = ((StatusResponseType) doc).getExtensions();
    }
    if (extensions == null) {
        // Unsupported document type or no extensions present.
        return null;
    }

    // NOTE(review): the value is read out of the message itself, and nothing in this method
    // verifies a signature first. Presumably it is only a hint for choosing which key to
    // verify with; confirm the caller never treats it as proof of who signed.
    for (Object candidate : extensions.getAny()) {
        if (candidate instanceof Element) {
            final String keyId =
                    KeycloakKeySamlExtensionGenerator.getMessageSigningKeyIdFromElement((Element) candidate);
            if (keyId != null) {
                return keyId;
            }
        }
    }
    return null;
}
/**
 * Returns the most specific status code value as a string.
 *
 * <p>A code equal to {@code JBossSAMLURIConstants.STATUS_RESPONDER.get()} is only a
 * wrapper here: the nested status code is examined instead, level by level.
 *
 * @param statusCode outermost status code; may be {@code null}
 * @return the first value that is not the responder constant, or {@code "UNKNOWN"} when
 *         the chain ends (a {@code null} code or a {@code null} value) before one is found
 */
private String extractStatusCode(StatusCodeType statusCode) {
    StatusCodeType current = statusCode;
    // Walk down the nested codes instead of recursing; the result is the same at each level.
    while (current != null && current.getValue() != null) {
        if (!Objects.equals(JBossSAMLURIConstants.STATUS_RESPONDER.get(), current.getValue().toString())) {
            return current.getValue().toString();
        }
        current = current.getStatusCode();
    }
    return "UNKNOWN";
}
}
@Override protected AuthOutcome logoutRequest(LogoutRequestType request, String relayState) { if (request.getSessionIndex() == null || request.getSessionIndex().isEmpty()) { sessionStore.logoutByPrincipal(request.getNameID().getValue()); } else { sessionStore.logoutBySsoId(request.getSessionIndex()); builder.logoutRequestID(request.getID()); builder.destination(deployment.getIDP().getSingleLogoutService().getResponseBindingUrl()); builder.issuer(issuerURL);
/**
 * Resolves the URL of the party that sent this request.
 *
 * <p>The AssertionConsumerServiceURL is preferred; when it is absent the Issuer value is
 * parsed as a URI instead.
 *
 * @return the assertion consumer service URL, or the Issuer value as a URI
 * @throws RuntimeException if neither value is present, or if the Issuer value cannot be
 *         turned into a URI (the original failure is kept as the cause)
 */
public URI getSenderURL() {
    final URI consumerUrl = getAssertionConsumerServiceURL();
    if (consumerUrl != null) {
        return consumerUrl;
    }

    final NameIDType issuer = getIssuer();
    if (issuer == null) {
        throw new RuntimeException("Could not resolve sender URL. AuthnRequest must have a value for AssertionConsumerServiceURL or Issuer.");
    }

    // NOTE(review): both candidates are fields of the request itself. Confirm that callers
    // check the result against the endpoints registered for the sender before sending
    // anything to it.
    try {
        return URI.create(issuer.getValue());
    } catch (Exception e) {
        throw new RuntimeException("Could not resolve sender URL using the Issuer value [" + issuer.getValue() + "]." , e);
    }
}
}
protected AuthOutcome handleLoginResponse(SAMLDocumentHolder responseHolder, boolean postBinding, OnSessionCreated onCreateSession) { final ResponseType responseType = (ResponseType) responseHolder.getSamlObject(); AssertionType assertion = null; if (! isSuccessfulSamlResponse(responseType) || responseType.getAssertions() == null || responseType.getAssertions().isEmpty()) { challenge = new AuthChallenge() { @Override cvb.addAllowedAudience(URI.create(deployment.getEntityID())); cvb.addAllowedAudience(URI.create(responseType.getDestination())); } catch (IllegalArgumentException ex) {
/**
 * Maps a textual value to the matching enum constant.
 *
 * @param v value to look up, compared with each constant's {@code value} field
 * @return the first constant whose {@code value} equals {@code v}
 * @throws IllegalArgumentException if no constant matches; {@code v} is the message
 */
public static AuthnContextComparisonType fromValue(String v) {
    final AuthnContextComparisonType[] candidates = AuthnContextComparisonType.values();
    for (int i = 0; i < candidates.length; i++) {
        // Compared from the constant's side, exactly as stored; no trimming or case folding.
        if (candidates[i].value.equals(v)) {
            return candidates[i];
        }
    }
    throw new IllegalArgumentException(v);
}
}
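/**
 * Replaces one entry of {@code assertions} with {@code newAssertion}, keeping its position.
 *
 * <p>With a {@code null} or empty {@code id} the first entry is replaced. Otherwise the
 * first entry whose ID equals {@code id} is replaced.
 *
 * @param id ID of the old assertion; {@code null} or empty selects the first entry
 * @param newAssertion entry stored in place of the old one
 * @throws IndexOutOfBoundsException if the list is empty, or if {@code id} is given and no
 *         entry carries it
 */
public void replaceAssertion(String id, RTChoiceType newAssertion) {
    int index = 0;
    if (id != null && !id.isEmpty()) {
        index = -1;
        int position = 0;
        for (RTChoiceType assertion : assertions) {
            // An entry without an ID is skipped instead of raising a NullPointerException.
            final Object candidateId = assertion.getID();
            if (candidateId != null && candidateId.equals(id)) {
                index = position;
                break;
            }
            position++;
        }
        if (index < 0) {
            // Same exception type the out-of-range remove() used to raise, but thrown
            // deliberately and with a message: a requested ID that is not present must
            // never end up replacing some other assertion.
            throw new IndexOutOfBoundsException("No assertion with the requested ID to replace");
        }
    }
    // set() swaps the entry in place; the previous remove-then-add pair did the same in two steps.
    assertions.set(index, newAssertion);
}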
mResponse = new ResponseType(); final DefaultHandler handler = new ResponseHandler(mElementStack, mResponse, attributes, mXmlReader, this); mElementStack.push("Response");
if (! destinationValidator.validate(requestUri, requestAbstractType.getDestination())) { log.error("expected destination '" + requestUri + "' got '" + requestAbstractType.getDestination() + "'"); return AuthOutcome.FAILED;