/**
 * Finds the endpoint of the request's claims channel that collects password claims
 * over the SSO artifact binding and describes it with absolute locations.
 *
 * <p>Locations are built by prefixing the channel location to the endpoint's own
 * location. The response location of the descriptor is {@code null} when the endpoint
 * does not define one.
 *
 * @param requestCredential the claims request whose claims channel is searched
 * @return a descriptor for the first matching endpoint, or {@code null} when the channel
 *         has no endpoint with the password authentication context and artifact binding;
 *         callers must handle the {@code null} case
 * @throws IdentityMediationException declared by the signature; nothing in this body
 *         throws it directly
 */
protected EndpointDescriptor resolveClaimsEndpoint(CredentialClaimsRequest requestCredential)
        throws IdentityMediationException {

    for (IdentityMediationEndpoint candidate : requestCredential.getClaimsChannel().getEndpoints()) {

        // Only the password endpoint published with the artifact binding qualifies.
        boolean passwordContext =
                AuthnCtxClass.PASSWORD_AUTHN_CTX.getValue().equals(candidate.getType());
        if (!passwordContext
                || !SSOBinding.SSO_ARTIFACT.getValue().equals(candidate.getBinding())) {
            continue;
        }

        if (logger.isDebugEnabled()) {
            logger.debug("Resolved claims endpoint " + candidate);
        }

        // Endpoint locations are relative to the channel, so the channel location is prefixed.
        String location =
                requestCredential.getClaimsChannel().getLocation() + candidate.getLocation();

        String responseLocation = null;
        if (candidate.getResponseLocation() != null) {
            responseLocation =
                    requestCredential.getClaimsChannel().getLocation()
                            + candidate.getResponseLocation();
        }

        return new EndpointDescriptorImpl(
                candidate.getName(),
                candidate.getType(),
                candidate.getBinding(),
                location,
                responseLocation);
    }

    // No password/artifact endpoint is configured on this channel.
    return null;
}
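/**
 * Handles the submitted username/password form.
 *
 * <p>The submitted values are wrapped as claims in a {@link CredentialClaimsResponse}, the
 * response is pushed to the artifact queue, and the browser is redirected to the claims
 * endpoint with the resulting artifact in the {@code SSOArt} query parameter. The password
 * therefore travels inside the queued message, not in the redirect URL.
 *
 * <p>The target URL is built by the channel's HTTP binding when one is available; otherwise
 * the endpoint's response location (or, if absent, its location) is used as is.
 *
 * @param hreq the current request; also passed to the binding when it builds the target URL
 * @param hres the current response (not used by this method)
 * @param o the form command, expected to be a {@link CollectUsernamePasswordClaims}
 * @param error binding errors (not used by this method)
 * @return a redirect to the claims endpoint carrying the artifact
 * @throws IllegalStateException if the command has no credential claims request, or no
 *         password/artifact claims endpoint can be resolved for it
 * @throws Exception anything raised by the mediation components that are called
 */
@Override
protected ModelAndView onSubmit(
        HttpServletRequest hreq, HttpServletResponse hres, Object o, BindException error)
        throws Exception {

    CollectUsernamePasswordClaims cmd = (CollectUsernamePasswordClaims) o;

    // NOTE(review): cmd holds the submitted password; confirm that its toString() does not
    // render it before this debug line is enabled anywhere logs are retained.
    if (logger.isDebugEnabled()) {
        logger.debug("Received CMD" + cmd);
    }

    CredentialClaimsRequest cRequestCredential = cmd.getCredentialClaimsRequest();
    if (logger.isDebugEnabled()) {
        logger.debug(
                "Collecting usenrame/password claims for request "
                        + (cRequestCredential != null ? cRequestCredential.getId() : "NULL"));
    }

    // Everything below dereferences the request; fail with a clear message instead of an
    // NullPointerException further down.
    if (cRequestCredential == null) {
        throw new IllegalStateException(
                "No credential claims request is bound to the submitted command");
    }

    ClaimSet claims = new ClaimSetImpl();
    claims.addClaim(new CredentialClaimImpl("username", cmd.getUsername()));
    claims.addClaim(new CredentialClaimImpl("password", cmd.getPassword()));
    claims.addClaim(new CredentialClaimImpl("rememberMe", cmd.isRememberMe()));

    CredentialClaimsResponse responseCredential =
            new CredentialClaimsResponseImpl(
                    idGenerator.generateId(),
                    null,
                    cRequestCredential.getId(),
                    claims,
                    cRequestCredential.getRelayState());

    EndpointDescriptor claimsEndpoint = resolveClaimsEndpoint(cRequestCredential);
    if (claimsEndpoint == null) {
        logger.error("No claims endpoint found!");
        // TODO : Create error and redirect to error view using 'IDBusErrArt'
        // Stop here: without an endpoint there is nowhere to send the claims, and the
        // credentials must not be queued for a destination that does not exist.
        throw new IllegalStateException("No claims endpoint found!");
    }

    // Used whenever URL construction cannot be delegated to an HTTP binding.
    String fallbackUrl =
            claimsEndpoint.getResponseLocation() != null
                    ? claimsEndpoint.getResponseLocation()
                    : claimsEndpoint.getLocation();

    // We want the binding factory to use a binding component to build this URL, if possible
    Channel claimsChannel = cRequestCredential.getClaimsChannel();
    claimsChannel = getNonSerializedChannel(claimsChannel);

    String claimsEndpointUrl;
    if (claimsChannel != null) {

        MediationBindingFactory f = claimsChannel.getIdentityMediator().getBindingFactory();
        MediationBinding b =
                f.createBinding(
                        SSOBinding.SSO_ARTIFACT.getValue(), cRequestCredential.getClaimsChannel());

        if (b instanceof AbstractMediationHttpBinding) {
            claimsEndpointUrl =
                    ((AbstractMediationHttpBinding) b)
                            .buildHttpTargetLocation(hreq, claimsEndpoint, true);
        } else {
            logger.warn("Cannot delegate URL construction to binding, non-http binding found " + b);
            claimsEndpointUrl = fallbackUrl;
        }

    } else {
        logger.warn(
                "Cannot delegate URL construction to binding, valid definition of channel "
                        + cRequestCredential.getClaimsChannel().getName()
                        + " not foud ...");
        claimsEndpointUrl = fallbackUrl;
    }

    if (logger.isDebugEnabled()) {
        logger.debug("Using claims endpoint URL [" + claimsEndpointUrl + "]");
    }

    Artifact a = getArtifactQueueManager().pushMessage(responseCredential);

    // The artifact is the handle to the queued message that holds the plaintext password,
    // so the destination is logged without it.
    if (logger.isDebugEnabled()) {
        logger.debug("Returing claims to " + claimsEndpointUrl);
    }

    // NOTE(review): the artifact content is appended unencoded and always after '?';
    // confirm that neither the content nor the base URL can make that malformed.
    String redirectUrl = claimsEndpointUrl + "?SSOArt=" + a.getContent();

    // The form command is no longer needed once the claims are queued.
    hreq.getSession().removeAttribute("CollectUsernamePasswordClaims");

    return new ModelAndView(new RedirectView(redirectUrl));
}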