コード例 #1
0
  protected LogoutRequest buildLogoutRequest(String user, String sessionIdx)
      throws SSOAgentException {

    LogoutRequest logoutReq = new LogoutRequestBuilder().buildObject();

    logoutReq.setID(SSOAgentUtils.createID());
    logoutReq.setDestination(ssoAgentConfig.getSAML2().getIdPURL());

    DateTime issueInstant = new DateTime();
    logoutReq.setIssueInstant(issueInstant);
    logoutReq.setNotOnOrAfter(new DateTime(issueInstant.getMillis() + 5 * 60 * 1000));

    IssuerBuilder issuerBuilder = new IssuerBuilder();
    Issuer issuer = issuerBuilder.buildObject();
    issuer.setValue(ssoAgentConfig.getSAML2().getSPEntityId());
    logoutReq.setIssuer(issuer);

    NameID nameId = new NameIDBuilder().buildObject();
    nameId.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:entity");
    nameId.setValue(user);
    logoutReq.setNameID(nameId);

    SessionIndex sessionIndex = new SessionIndexBuilder().buildObject();
    sessionIndex.setSessionIndex(sessionIdx);
    logoutReq.getSessionIndexes().add(sessionIndex);

    logoutReq.setReason("Single Logout");

    return logoutReq;
  }
コード例 #2
0
  private LogoutRequest buildLogoutRequest(
      String user,
      String sessionIndexStr,
      String idpUrl,
      String nameQualifier,
      String spNameQualifier)
      throws SAMLSSOException {

    LogoutRequest logoutReq = new LogoutRequestBuilder().buildObject();

    logoutReq.setID(SSOUtils.createID());
    logoutReq.setDestination(idpUrl);

    DateTime issueInstant = new DateTime();
    logoutReq.setIssueInstant(issueInstant);
    logoutReq.setNotOnOrAfter(new DateTime(issueInstant.getMillis() + 5 * 60 * 1000));

    IssuerBuilder issuerBuilder = new IssuerBuilder();
    Issuer issuer = issuerBuilder.buildObject();

    String spEntityId =
        properties.get(IdentityApplicationConstants.Authenticator.SAML2SSO.SP_ENTITY_ID);

    if (spEntityId != null && !spEntityId.isEmpty()) {
      issuer.setValue(spEntityId);
    } else {
      issuer.setValue("carbonServer");
    }

    logoutReq.setIssuer(issuer);

    NameID nameId = new NameIDBuilder().buildObject();
    nameId.setFormat(NameIDType.UNSPECIFIED);
    nameId.setValue(user);
    nameId.setNameQualifier(nameQualifier);
    nameId.setSPNameQualifier(spNameQualifier);
    logoutReq.setNameID(nameId);

    SessionIndex sessionIndex = new SessionIndexBuilder().buildObject();

    if (sessionIndexStr != null) {
      sessionIndex.setSessionIndex(sessionIndexStr);
    } else {
      sessionIndex.setSessionIndex(UUID.randomUUID().toString());
    }

    logoutReq.getSessionIndexes().add(sessionIndex);
    logoutReq.setReason("Single Logout");

    return logoutReq;
  }
  /**
   * Returns logout request message ready to be sent to the IDP.
   *
   * @param context message context
   * @param credential information about assertions used to log current user in
   * @param bindingService service used to deliver the request
   * @return logoutRequest to be sent to IDP
   * @throws SAMLException error creating the message
   * @throws MetadataProviderException error retrieving metadata
   */
  protected LogoutRequest getLogoutRequest(
      SAMLMessageContext context, SAMLCredential credential, Endpoint bindingService)
      throws SAMLException, MetadataProviderException {

    SAMLObjectBuilder<LogoutRequest> builder =
        (SAMLObjectBuilder<LogoutRequest>)
            builderFactory.getBuilder(LogoutRequest.DEFAULT_ELEMENT_NAME);
    LogoutRequest request = builder.buildObject();
    buildCommonAttributes(context.getLocalEntityId(), request, bindingService);

    // Add session indexes
    SAMLObjectBuilder<SessionIndex> sessionIndexBuilder =
        (SAMLObjectBuilder<SessionIndex>)
            builderFactory.getBuilder(SessionIndex.DEFAULT_ELEMENT_NAME);
    for (AuthnStatement statement : credential.getAuthenticationAssertion().getAuthnStatements()) {
      SessionIndex index = sessionIndexBuilder.buildObject();
      index.setSessionIndex(statement.getSessionIndex());
      request.getSessionIndexes().add(index);
    }

    if (request.getSessionIndexes().size() == 0) {
      throw new SAMLException("No session indexes to logout user for were found");
    }

    SAMLObjectBuilder<NameID> nameIDBuilder =
        (SAMLObjectBuilder<NameID>) builderFactory.getBuilder(NameID.DEFAULT_ELEMENT_NAME);
    NameID nameID = nameIDBuilder.buildObject();
    nameID.setFormat(credential.getNameID().getFormat());
    nameID.setNameQualifier(credential.getNameID().getNameQualifier());
    nameID.setSPNameQualifier(credential.getNameID().getSPNameQualifier());
    nameID.setSPProvidedID(credential.getNameID().getSPProvidedID());
    nameID.setValue(credential.getNameID().getValue());
    request.setNameID(nameID);

    return request;
  }